TechSpot

Help with iamfamous.dll removal

By bigsal2k9
Feb 15, 2009
  1. hey all first post for me:)

    well here's the problem ive just scanned my laptop and apparently using symantec anti virus i have got 'iamfamous.dll' and another by the name of 's-2-1-87-100004873-100022991-100021377-9969.com'

    and for maybe the past week or so firefox hasnt been running properly and google has been redirecting me to completely random sites.

    most updates for any software i have dont seem to be working, i think these 2 virus' are stopping them from connecting to their servers or w/e it is they connect to....

    umm the iamfamous.dll is in the mozilla firefox components folder and the 9969.com is in the 'RECYCLER' folder

    another big problem is that recently my laptop has been crashing at the windows log in screen once ive entered my password...

    and another problem is that right click wont work on the start menu, but works elsewhere.

    since this is pretty much my first virus' and im not really clued in on programming and what not i am pretty much sh****** my pants:)

    if anyone has had the same problem or if anyone knows what to do please help!

    if you are gunna help and please leave a guide on how to do it otherwise i will not have clue of whatever you said:p

    thanks
     
  2. mflynn

    mflynn TS Rookie Posts: 2,793

    Do the TechSpot 8 steps: http://www.techspot.com/vb/topic58138.html

    Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).

    Most importantly update MalwareBytes and SuperAntiSpyware!

    Mike
     
  3. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    ..... i kinda already had symantec and a mate told me to install a new free one called avast, when i performed a new scan on this 1 it found 8 virus' and 1 is in the windows folder so i dont want to remove incase it screws my system up. and the other apparently does not exist....

    so im about to take the steps in the link you sent me

    thanks and will get back to u asap

    that malware link takes me to the site but when i click download apparently firefox cannot connect to the malware server? is that the virus on my laptop doing that or is that a genuine problem?
     
  4. mflynn

    mflynn TS Rookie Posts: 2,793

    Reboot to Safe Mode Networking and try from there!

    Mike
     
  5. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    ill give that a bash tomorw, i have been trying to get rid of this for about 4 hours now

    and not too sure on how to boot in safe mode, im letting avast do a thorough virus scan overnight and then ill see if connecting the malware server has been solved.

    thanks, but just cba faffin on with this anymore today
     
  6. mflynn

    mflynn TS Rookie Posts: 2,793

  7. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    thanks and just curious, but if i was to system restore, would that fix the whole probelm?

    however avast did find that the trojan i have has infected some of the system restore files and those have now been deleted..
     
  8. mflynn

    mflynn TS Rookie Posts: 2,793

    You answered your own question. No!

    Go to safe Mode networking and proceed. We will clean SR later.

    Mike
     
  9. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    wow thanks a million lol

    i didnt expect anyone to care so much about 1 persons problems:)

    you now have an admirer xd

    nah just messin with u, my system is still being scanned but will give safemode a go first thing in the morning and will upload those text files asap

    thanks

    right ive completed all of the steps in the link you sent me for the preliminary removal..

    ill add all the logs requested and hopefully we can do something from there

    thanks.

    and btw i found another problem, earlier i mentioned that 9669.com virus which has been quarantined by avast, now i cant access c drive as it says recycler then that virus file name does not exist....
     
  10. mflynn

    mflynn TS Rookie Posts: 2,793

    OK good job.

    The Recycler should go after all the below!

    The MBAM found and remove many BAD items.

    So another run indicated!

    OK there were found/removed items in MBAM so we need to run again as the first run likely exposed things that were not even seen the first time.

    So another run Quick Scan will likely find more. So UPDATE and run gain attach the new log.

    Then do this...

    Download SDFix to Desktop.

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    On Desktop run SDdFix It will run (install) then close.

    Then reboot into Safe Mode

    As the computer starts up, tap the F8 key several times.

    On the Boot menu Choose Safe Mode.

    Click thu all the prompts to get to desktop.

    At Desktop
    My Computer C: drive. Double-click to open.

    Look for a folder called SD Fix. Double-click to enter SD Fix.

    Double-click to RunThis.bat. Type Y to begin.

    SD Fix does its job.

    When prompted hit the enter key to restart the computer

    Your computer will reboot.

    On normal restart the Fixtool will run again and complete the removal process then say Finished,
    Hit the Enter key to end the script and load your desktop icons.

    Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
    Attach the Report.txt file to your next post.
    =========================================
    Download ComboFix

    NOTE: If you have had ComboFix more than a few days old delete and re-download.

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double click combofix.exe follow the prompts.

    Install Recovery Console if connected to the Internet!

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

    Mike
     
  11. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    thanks mike, ill giv the MBAM another run and have just updated it, so when thats done ill save the log and do the rest u asked me to

    cheers
     
     
  12. mflynn

    mflynn TS Rookie Posts: 2,793

    OK I will be here another 15-20 minutes then I have meeting that may be until 3-4 hours but I will check in as soon as I get back.

    Just get then sent.

    Mike
     
  13. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    ahhh mike big problem!!

    after running the MBAM again, it found another infected file trojan which was boot.ini or sumthin along those lines

    then i installed that next software u gave and restarted my laptop

    now on my laptop is says "windows could not start because the following file is missing or corrupt:
    <windows root>\system32\hal.dll

    and i dont have a copy of windows anywhere..... so is there somewebsite i can get a copy of that file from then boot from floppy or sumthing?

    what do i do?!?!?!?!
     
  14. mflynn

    mflynn TS Rookie Posts: 2,793

    First this is recoverable so do not do anything drastic we can fix it!

    Did you get to Combofix, and if so did you add the Recovery console?

    We may need a windows cd even if you have to borrow one.

    Also this is not the fault of MBAM but indicates you definitely had something that was large and in charge!

    If you installed the recovery console then boot to it and skip down to At the prompt and continue from there down.

    If you did not install the recovery console then do the below to get it!
    On another computer..

    Download RC.ISO (Bootable Recovery Consle) from Here:

    http://www.thecomputerparamedic.com...

    Now burn this ISO image to a CD
    Once the CD is created, place it in the problem computer

    Then reboot that CD in the CD-ROM drive.
    Make sure the PC is set to boot from the CD as the primary boot device.

    When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console.

    You will be asked to log in.

    At the prompt
    type
    bootcfg /rebuild
    Hit the Enter key
    then
    type
    exit

    This will reboot the computer hopefully into windows if not there can be other steps.

    Mike
     
  15. bigsal2k9

    bigsal2k9 TS Rookie Topic Starter Posts: 21

    thanks mike, i paniced

    luckily my dad is a bit of a computer wiz and he managed to fix it, took him several hours though and the virus is gone

    thanks for all your help
     
  16. mflynn

    mflynn TS Rookie Posts: 2,793

    Roger that!

    Mike
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.