
Followed 8 step virus removal for 'iamfamous.dll'. Are my logs clean?

By RabiNiz · 9 replies
Jan 11, 2009
  1. Hi everybody,

    I accidentally opened a file that immediately showed up on my Symantec Antivirus as 'iamfamous.dll'. It could not delete the file. I have read that iamfamous.dll can log keystrokes and steal important information.

    Also, my google searches were being redirected, and there were ads on sites that would not normally have them. The system has also been somewhat slower, but not cripplingly so.

    Symantec started acting funny too. It kept asking for me to reboot, even after rebooting multiple times. 'Autoprotect' would also shut off automatically.

    iamfamous.dll later disappeared from its folder, and the internet ads and redirection stopped. (I don't know exactly why).

    To be safe, I went through the updated 8 steps, and uninstalled Symantec, which I intend to reinstall soon. (University policy)

    I am worried that the virus (and others) may still be hidden away somewhere, logging my keystrokes. At this time, the only symptom I have is that the computer is a bit slow, though it may be because of all the new antiviruses that were installed during the 8 steps.

    I would really appreciate it if anyone could please look over my logs, and give me some advice on whether or not to format my hard drive.

    Thank you very much!


  2. RabiNiz

    RabiNiz TS Rookie Topic Starter

    I forgot to add,

    Another symptom is that a game, GTA 3 is suddenly not working. Nothing happens when I click on its icon.

    So far, it's the only program I have noticed that is not working.

    Please help!
    Should I format my drive?
  3. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Worst policy ever! I'd say never re-install it (try Avira in the guide, way better and it's free :) )

    uTorrent installed - well that's where my support stops :suspiciou
  4. RabiNiz

    RabiNiz TS Rookie Topic Starter

    It is a bad policy indeed. But we cannot access the campus wireless network without Symantec on our system!

    uTorrent is a bad idea too, though I'm *very* careful with it. I have never had any issues with it.
    This virus episode actually came from a random site that I am still kicking myself for trusting!

    So are the logs clean? Should I format my computer?

    Thank you for your help!
  5. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    You're definitely not clean
    And I think you should ask again about that policy, it's definitely not right
  6. RabiNiz

    RabiNiz TS Rookie Topic Starter

    Could you please be a little more specific about what is definitely not clean?
    So the 8 steps failed.. where should I turn to now?

  7. SpiritWind

    SpiritWind TS Rookie Posts: 164

    P2P program(s)

    Hi :

    P2P programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

    When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Many of these Downloads are targeted to carry infections.

    Therefore, more and more Malware-Removal Forums will NOT help someone
    UNLESS the P2P program is completely REMOVED; University Policy does NOT
    include a ban on the use of such programs !?
  8. RabiNiz

    RabiNiz TS Rookie Topic Starter

    University policy is never straight on anything! I guess they have a contract with Symantec.

    I really appreciate the advice on P2P. I did not know that. I'll look into understanding the configuration, or delete it if I cannot.

    More importantly, I am seeking advice on what to do about the infections that are -already- present on my computer.
    I actually have to run an important Global Climate Model soon. It needs all the processing power I can get!
    Please help :(
  9. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Adobe Reader

    Hi :

    The only thing I will add at this time is that your HijackThis log implies you have the
    malware-prone Adobe Reader on your computer !? Recently, researchers found a new hacker toolkit that uses nothing but Adobe security leaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/153/Rise-Of-The-PDF-Exploits ) adds all kinds of exploits to PDF files. When a certain exploit has successfully infected the OS, the IP address is sent to the attackers, so they need to try again. This to reduce the time it takes to manage the bots.

    Use of PDF files is becoming more and more popular among miscreants, this because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

    So it is recommended that you uninstall this program and "replace" it with a
    safer program, such as the FREE "Foxit Reader" or "CutePDF" .
  10. RabiNiz

    RabiNiz TS Rookie Topic Starter

    I really appreciate the advice to prevent future infections.

    BUT, I am really looking for advice on what to do right now, in the present, while I already have malware issues.

    What do my log files suggest? And what is the best course of action to deal with the problems?
    More tips on prevention are appreciated too, but I need some direct advice on how to deal with this first.

    Thank you all for all the help so far!
Topic Status:
Not open for further replies.
