win32/winwebsec

I have some kind of a trojan on my laptop and I could really use some help. I read the removal of malware instructions but after removing Java and reinstalling I can no longer access the internet. An error message appears stating windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item. I am using my daughters computer to contact you. It took numerous attempts to install Super Antispyware but I did eventually get it installed but nothing happens when I click the executable file. I renamed the file to SAS.exe as you instructed but nothing happens when I click on it. I was able to run it in Safe Mode but the laptop shuts down in the middle of the scan. I am running Avast and Windows Defender. Avast found win32:malware-gen in file c:\ncylnewm.exe. Adaware found win32.backdoor.bredavi in file c:\grce.exe which was placed into quarantine. Windows Defender found trojan: win32/winwebsec. I ran Adaware and Avast in Safe Mode and they removed the infected files but as soon as I rebooted in normal mode the trojan is still present. I cannot open system restore and I was unable to get into Msconfig per your instructions. I downloaded all of the files you recommended to a USB drive but after I was unable to use Super antispyware in normal mode I figured I better ask for some help. I am unsure at this point what I can do if I cannot use the software tools you recommended which means I am also unable to attach the reports you need. Please advise me on what would be my next step. I hope you are able to help. Thanks for your time in advance.

 

I forgot to mention earlier that something called Security Tool is continually popping up on my screen and it is taking forever for my machine to reboot.

 

I purchased Spyware Doctor online which slowed down the Security Tools pop up. I noticed under Task Manager that a file with all numbers was running under processes. When I clicked end process this stopped Security Tools from running which then allowed me to install the tools and run the scans that you instructed. I was unable to run Root Appeal however. I received a message stating Root appeal could not initialize driver. Please contact the author. I tried downloading the file again and reinstalling but I receive the same error twice upon running.

My laptop seems to be starting up much quicker after running all of the scans. I now have internet connection as well. If you could review the logs and let me know what my next step would be, I would truly appreciate it.

 

Hi,

Thanks for responding. I ran Avenger and am attaching avenger.txt file. I ran the MGtools\GetLogs.bat file but I cannot seem to find the MGLogs.zip folder. I searched everywhere and am unable to find it, so I cannot attach the file you requested. More help with this would be appreciated.

I've noticed a few things happening. I ran an Avast virus scan this morning before you you replied to me and it found 2 things. win32malware-gen and win32malob-t [crypt]. I also ran Malwarebytes and it found c:\windows\system32\yozugifi.exe.

Also, I have been having problems with my America Online program. My address book is empty. I used AOL live help and they could not help me. I deleted AOL 9.0VR from my computer and installed an updated version 9.5. Each time I reboot, I lose my address book. Not sure if you know why this is.

Another thing I've been having problems with is Adobe Flash Player Version 10. When I play games on facebook it keeps telling me I need to upgrade my flash player which I have done numerous times. It seems like once the computer reboots files are missing again.

Windows is blocking Malwarebytes from starting up. I am receiving notification in the bottom right area of my screen.

Start up seems slower than usual.

Can I ask you a question? Is it safe to continue using my online banking. I just want to be sure that my machine has not been compromised with everything that has been happening.

I will await your response.

Thank you!!!

 

Hi,

I figured out what I did wrong. UAC was enabled when I tried to run the MGtools scan before. I am attaching the log file. I apologize, I am not familiar with programs.

Please let me know what else you need me to do.

Thanks Again.

 

Viewpoint media player is used by the America Online program. I originally deleted it but that is when I started having problems with my AOL address book which I am still having problems with even after uninstalling and reinstalling. Is it really necessary to remove Viewpoint Media player?

 

Here are the logs that you requested. I will wait to hear back from you.

Thanks Again for your help.

 

Hi,

The only issues I am having is with Flash player having to be reinstalled each time computer is rebooted and I also have to keep uninstalling and reinstalling America Online because my address book keeps disappearing upon reboot. I think one of the scans that I was requested to run must have deleted some registry keys. They were both working fine up until then. Kind of a bummer that I can't figure out how to fix it and real PITA having to reinstall. Other than that...my laptop seems to running good. Any suggestions on flash player and AOL problem? I searched software forum couldn't seem to find anything.