Results 1 to 2 of 2

Thread: Redirects, Worms, Trojans, Unknown Possible Virus'...

  1. #1
    Junior Member
    Join Date
    Jun 2009
    Posts
    3

    Talking Redirects, Worms, Trojans, Unknown Possible Virus'...

    So.. My little Prince of a computer has long been known to be clogged with sadists little love-joy's, recently it began to express vast wrongness in it its browser orientation. Constant redirects between Google of the Mozilla variety and its searches were common between ave99.com, shopica.com, toseeka.com, etc etc.

    This problem was not fixed by Malware-Bytes... it was not fixed by Spyware Doctor..Spybot effectively searched... and its destruction took forever but eventually a virtumonde.dll/sci/dat/blah blah blah was remove.. amongst others. Alas, the redirections were still occurring.. FixVundu.. which I used before Spybot.. did not find a vundu... and yet spybot.. were certain there was one.. Iffy, potentially!


    Now a while back I ran RegCure... which apparently you say is reduced in practicality ideal thing action to make... so that could have done something...

    CCleaner.. removed a million and a half cookies.. but that was about all...and SpywareBlaster did nothing.. at all..

    ESET something or other Online Scanner... produced this... txt file:

    C:\Spyware Doctor 3.2.2.417 for Windows.zip multiple threats deleted - quarantined
    C:\Documents and Settings\Jes\Application Data\Google\Local Search History\fbabj0 probably a variant of Win32/TrojanDownloader.Agent trojan cleaned by deleting - quarantined
    C:\Documents and Settings\Jes\Application Data\Google\Local Search History\ptnmsn64 a variant of Win32/TrojanDownloader.FakeAlert.YR trojan cleaned by deleting - quarantined
    C:\Documents and Settings\Jes\Desktop\frostwire-4.17.0.windows.exe a variant of Win32/AdInstaller application deleted - quarantined
    C:\Documents and Settings\Jes\Desktop\HexalotSetup-dm.exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
    C:\Downloads\PrimeSuspectsGENSetup-dm[1].exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
    C:\Program Files\AMT\AmtSetup.exe probably a variant of Win32/Spy.Agent trojan cleaned by deleting - quarantined
    C:\Program Files\Mozilla Firefox\a.exe a variant of Win32/Kryptik.OG trojan cleaned by deleting - quarantined
    C:\Program Files\MyEmoticons\uninstall.exe probably a variant of Win32/VB trojan cleaned by deleting - quarantined
    C:\Program Files\podmena\podmena.dll Win32/Tinxy.AF trojan cleaned by deleting (after the next restart) - quarantined
    C:\Program Files\podmena\podmena.sys Win32/Tinxy.AF trojan cleaned by deleting - quarantined
    C:\Spyware Doctor 3.2.2.417 for Windows\Spyware Doctor 3.2.2.417 for Windows\Crack\swdoctor.exe probably unknown NewHeur_PE virus deleted - quarantined
    C:\WINDOWS\freddy46.exe probably a variant of Win32/Koobface.NBG worm cleaned by deleting - quarantined
    C:\WINDOWS\ld09.exe a variant of Win32/Koobface.NBQ worm cleaned by deleting - quarantined
    C:\WINDOWS\mstre19.exe a variant of Win32/Koobface.NBQ worm cleaned by deleting - quarantined
    C:\WINDOWS\SYSTEM32\zedozugu.exe a variant of Win32/Koobface.NBQ worm cleaned by deleting - quarantined


    and apparently it claims that have removed my whore status as a PC User.. but I am not tech-savvy and do not know what to do next..as I did not run anything in safe mode.. and was web surfing at the same time the scan was going on for... I have not made a new system restore point.. nor deleting old one's with disc cleanup.


    Also I recently upgrade AVG 8.5 and have no idea how to run it.. or how to scan my music files to see if they contain virus'.. as I always turn off my firewall because it stop downloading all together...



    PLEASE RECOVER MY MESS WITH ME!
    http://forums.spybot.info/showthread.php?t=49386
    Last edited by tashi; 2009-06-16 at 05:52. Reason: Added link to new topic

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,445

    Default

    Hello Ridacumondo,

    Please follow the instructions in this link to produce a HJT log: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)
    Then start a new topic, copy paste the log into it and one of our volunteer analysts will advise you as soon as available.

    Regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •