My computer is attacked by pro internet explorer virus...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by gothichero, Sep 29, 2007.

  1. gothichero

    gothichero Private E-2

    Everytime i use opera or mozilla i get msg like "USE INTERNET EXPLORER U DOPE. I DNT HATE MOZILLA BUT USE IE OR ELSE..."
    "ORKUT IS BANNED. Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!"
    "youtube IS BANNED. youtube is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!"

    I"m tired of it. I even uninstalled firefox and now not even able to install it again. :cry I had been to a cyber cafe yesterday where I used my mp3 player cum pen drive. I think tat is infected. Can i heal my computer as well as my mp3 player. I recently bought the mp3 player so i don wanna throw it. pl help me out. Can someone suggest a free anti malware for all these problems to fix. I use avg free but it looks like its of no use.
     
    gothichero, Sep 29, 2007
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - only for Windows XP, 2K, & NT users
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    chaslang, Sep 29, 2007
    #2
  3. gothichero

    gothichero Private E-2

    Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    This thread is closed :-(
     
    gothichero, Sep 29, 2007
    #3
  4. gothichero

    gothichero Private E-2

    oh it opened..
     
    gothichero, Sep 29, 2007
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes it is supposed to be closed. It is the instructions that you need to follow and you are not supposed to post in the READ & RUN ME thread. You are supposed to post this thread you are reading now. ;)
     
    chaslang, Sep 29, 2007
    #5
  6. gothichero

    gothichero Private E-2

    I went through all the procedures on read and run me first. The problem seems to be fixed. I also came to know which virus attacked my system and the link to that virus' information is here: http://www1.freewebs.com/mgsujith/worm/remove.html

    I also tried to go through the procedures which was given on that website but I could not do the first procedures. and also, to manually remove the worm I went through the procedure given on that website but when search for scvhost.exe in windows i still find four files. I do not know how to remove them. And bitdefender did not work. In the middle of the scanning the computer would restart. I also had problems installing hijack this in the right folder. The log was not found in the hijackthis folder but in temp folder. I did rename it to analyse.exe. Though now the computer seems to be workin fine I have a feeling the virus are still hidden somewhere. how do I purge everything. and most of these anti virus programs are not free and I do not have access to a credit card. Last but not the least... How do I remove the virus which is on my mp3 player cum pen drive. The model is transcend T.sonic 610. In the user manual they have warned against formatting in windows. I did not understand what they meant by saying that. And please help me understan how to keep my computer safe and immune. and check for malware.
     

    Attached Files:

    gothichero, Oct 1, 2007
    #6
  7. gothichero

    gothichero Private E-2

    Here is the rest of the files you wanted. bitdefender did not work. Thanks. Do tell me what I gotta do next and how I can remove the virus from my T.sonic 610 as I have been advised not to format on windows.
     

    Attached Files:

    gothichero, Oct 1, 2007
    #7
  8. gothichero

    gothichero Private E-2

    pl reply...
     
    gothichero, Oct 1, 2007
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Oct 1, 2007
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You will have to be more specific and tell us exactly what files you are referring to and exactly in what folder you are seeing them.

    You did not install it as requested and you did not rename it. Or you are not running the one you renamed. Your log shows this:

    C:\Documents and Settings\Jaiyant\Local Settings\Temp\HijackThis.exe

    You should have downloaded and installed HijackThis from the link given in the READ ME and it would have been much easier because it defaults to installing it properly. And then all you have to do is rename it.


    You will have to speak the the people who created your MP3 player. We can only work on removing malware from the Windows OS. All I could say is delete all files on your MP3 player.


    The only problems I see from your logs are these:
    1. You did not do step 2 of the READ ME properly and thus may not be able to find and delete files mentioned below if they are hidden.
    2. You have a load of junk tmp files on your Desktop that should not be there. You should delete them or move them somewhere else if you need these files.
    3. You also have more of the same junk tmp files in your My Documents folder.
    4. You need to delete the below files picked up by the scans. The last one could be what caused your infection.
      • C:\heap41a\offspring\MicrosoftPowerPoint.exe
      • D:\New Software\3wPlayer-1.5.0.0-setup-0593.exe
     
    chaslang, Oct 1, 2007
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds