Help with malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Jeffw96, Sep 10, 2006.

  1. Jeffw96

    Jeffw96 Private E-2

    Hello, earlier today I downloaded something I shouldn't have, and as a result I have a huge malware infestation. I've been trying all day to fix it and it still does not fix the problem. The problem is that I have popups for different registry and spyware cleaners. I have downloaded and tried Bitdefender, Ewido, Spybot Search and Destroy, Ad-aware SE, Spysweeper, and Smitfraudfix. Everything is fully updated, though I do not have a virus scanner or a full version of any of those anti-spyware programs. I also tried to install AVG and it faults out every time I try. I have a HJT log of my current system processes if you would like to view it. Please help!

    PC Stats: AMD Athlon 3200+ with 1.7 Gigs of DDR
    OS: Windows XP Home Operating System service pack 2 fully updated
     
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi and Welcome to Majorgeeks!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:

      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • CounterSpy - ONLY IF you were not able to run Windows Defender
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • HijackThis

    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. Jeffw96

    Jeffw96 Private E-2

    I did the above scans except for Panda (which I'm running now). I was not, however, able to run these scanners in safe mode. I have a wireless connection on my PC and it still didn't work when I ran Safe Mode with Networking. Bitdefender wasn't able to clean out two of the Trojans it found. As soon as Panda finishes the scan I will post the results and the HJT log. (I made sure all my scanners were fully updated and did everything in the instructions so far except run the online scanners in safe mode.)
     


  4. Jeffw96

    Jeffw96 Private E-2

    OK, just finished Panda and HJT, I'm adding the attachments. Panda found a lot of malware. Now what can I do to get rid of all these? Every scanner I have doesn't seem to get rid of them.
     


  5. Jeffw96

    Jeffw96 Private E-2

    Ugh... I also downloaded VundoFix and used that... but it couldn't remove it a .dll
    Here's the log...
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are your copies of Spy Sweeper and Ewido the free trials or paid versions?
    If free, uninstall them now to avoid conflicts and excessive use of system resources.

    You have multiple infections, which makes them harder to remove, and that is why VundoFix does not work. You have Virtumonde and also a winlogonhook infection.

    In my next message I will post a fix after going through all of your logs. Note that you did not follow the directions in step 6 for creating a Bitdefender log, and as a result what you posted is not helpful.

    [EDIT] You did not follow the directions for using GetRunKey and ShowNew. You MUST EXTRACT all the files from the ZIP file and then run the .bat files from OUTSIDE of the ZIP file. Please follow the directions and attach new logs. I cannot post a fix without the proper logs.
     
    Last edited: Sep 12, 2006
