PDA

View Full Version : Lurking Malware after virus and slow internet



harold711
2008-03-14, 22:33
Hey everyone,
Here's my prob: I just had a whopper of a virus that I cleaned out of my desktop comp (it was the "braviax" virus--had to use Combofix and about 4 other AV software to flush it out) The big stuff is finally gone but now my internet connection, which is run by an ethernet cable the provider being SBC, is slow as heck. I used WinsockxpFix and LSPFix and still nothing. As soon as the comp logs on to the net, I have about a minute of the old time connection speed.

Now, I ran PCPitstop Exterminate and the following entries came up:
WhenU SaveNow (Malware) 4 threats
ProcKill (Misc Tool) 1 threat

I've ran SpyBot Search and Destroy and the one virus entry that keeps coming up is Win32.tiny.abk and the file is:
WINDOWS/TEMP/7CF28762C38CA0D4.TMP
WINDOWS/TEMP/AE8AB41F91F72503.TMP

For some reason SpyBot won't delete this permanently, even when TeaTimer and the 'Help' options are unchecked.

I ran AVG, but that scan comes up clean for some reason..

Another scan, SpyHunter, gave 2 entries for NetPumper which I had to delete manually since that program is not freeware.

Is there some scan/fix I can run that will delete the above viruses permanently?

The only keys I have in my HJT log are:
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171902887049
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

My system is virtually clean of junk...not sure what else I can do to get rid of this. Please help!

tashi
2008-03-15, 10:13
Hello.

Please see the stickied procedure for this forum: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic, and I will close this one as helpers look for zero response. ;)

Regards.