help help help and help me some more!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Dunk122, Aug 13, 2008.

  1. Dunk122

    Dunk122 Private E-2

    tried downloading a codec last night and ended up in a whole world of s**t :cry

    seems every time i do a scan i end up with another virus

    Fake Anti Spyware.VirusRemover2008 Registry Value hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\internet settings\user agent\post platform\"antivirxp08" Scan

    Trojan.Alemod Fix: Registry Data hkey_users\s-1-5-21-3167541043-491345469-1485416765-500\software\microsoft\windows\currentversion\policies\system\nodispbackgroundpage\"1" | 0 Scan

    FakeAntiSpyware.AntiVirus2008 Registry Data hkey_current_user\control panel\desktop\wallpaper\:c:\windows\system32\phc9nkj0etcv.bmp Scan

    FakeAntiSpyware.AntiVirus2008 Registry Data hkey_current_user\control panel\desktop\originalwallpaper\:c:\windows\system32\phc9nkj0etcv.bmp Scan

    FakeAntiSpyware.AntiVirus2008 Registry Data hkey_current_user\control panel\desktop\convertedwallpaper\:c:\windows\system32\phc9nkj0etcv.bmp

    Win32:Agent-ZXU [Trj]

    is there anyway to get this stuff off my PC, ive tried using virus removers like super antispyware (free version) and spyware detector (subscribed version) and nothing seems to be working

    im on XP64 with SP2
     
    Dunk122, Aug 13, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:

    1. If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
    chaslang, Aug 13, 2008
    #2
  3. Dunk122

    Dunk122 Private E-2

    its ok, just decided to bite the bullet and go straight into format mode, all sorted now :)
     
    Dunk122, Aug 14, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Aug 14, 2008
    #4
  5. Dunk122

    Dunk122 Private E-2

    will do :), for any of you looking in i picked this virus up described as a codec, if any of you are looking for codecs just now scan em all before opening!!

    if i ever get my hands on the little sh!ts who make these viruses we will see just how clever they actually are in real life! :***
     
    Dunk122, Aug 14, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The majority of people who come here with these rogue tool infections (aka SmitFraud infections) got their infections the same way. ;)

    See the 3rd bullet item in step 10 of the How to protect yourself link.
     
    chaslang, Aug 14, 2008
    #6
  7. Dunk122

    Dunk122 Private E-2

    anyway which AV would you recommend? im using Nod32 right now and dont think too much of it, would the likes of Avast be a better replacement for it? :)
     
    Dunk122, Aug 14, 2008
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    A paid version of NOD32 is better than free Avast. And Avast is more prone to false positives. Also note that you can still get infection from malware like this no matter what antivirus program you have installed. Most of them will not detect this. Some realtime antispyware programs will possible help but an antivirus does not detect this kind of malware. Also note that security starts with you. ;)
     
    chaslang, Aug 14, 2008
    #8
  9. Dunk122

    Dunk122 Private E-2

    think i might as well stay with Nod32 then, no point paying twice :-D

    on the subject of anti spyware ive got spyware detector (subscribed) how do you rate this against other anti spyware programs?
     
    Dunk122, Aug 14, 2008
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In a word..... POOR.
     
    chaslang, Aug 15, 2008
    #10
  11. Dunk122

    Dunk122 Private E-2

    damn it, ive paid for this as well :eek:

    ok another question comming up then, what is the best one to purchase then?
     
    Dunk122, Aug 16, 2008
    #11
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    SUPERAntiSpyware is doing very well lately and is worth the money.
     
    chaslang, Aug 16, 2008
    #12
  13. Dunk122

    Dunk122 Private E-2

    will look into subscription for this then :)

    thanks alot for the info m8 :cool
     
    Dunk122, Aug 16, 2008
    #13
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Aug 16, 2008
    #14

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds