Jump to content


Photo

Trojan


  • Please log in to reply
1 reply to this topic

#1 i hate win me

i hate win me

    Member

  • Members
  • 227 posts
  • Location:Channel tunnel UK


Posted 02 July 2008 - 02:32 PM

Hi,

My pc was acting strange so i conducted a virus scan as my son had been on pc and he has a habit of down loading C$*p.

It found nothing so i tried to do a House call scan, it would not run and i.e windows kepted poping up so conducted a on line sacn using Kaspersky, it found trojan and other, downloaded trail version, and it sorted virus out, however every time i turn pc off and restart it says their is more virus,
This is wot is in the detected folder after every restart and scan

deleted: adware not-a-virus:AdWare.Win32.Virtumonde.zji File: C:\Users\Dad\AppData\Local\Temp\cqkrdqhp.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: c:\windows\system32\ssqogvlb.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: c:\users\dad\appdata\local\temp\byxyqooe.dll

deleted: Trojan program Trojan.Win32.Monderc.a File: c:\users\dad\appdata\local\temp\gtrqtdra.dll

detected: riskware Hidden data sending Running process: C:\Program Files\Internet Explorer\iexplore.exe

detected: Trojan program Trojan.Win32.Obfuscated.auw URL: http://62.4.83.205/k...mp;affid=156878

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\efwmmrad.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\siceojot.dll

deleted: Trojan program Trojan.Win32.Monderc.a File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEKFXW7S\kb671231[2]

deleted: Trojan program Trojan.Win32.Obfuscated.auw File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VUKSHCB0\kb111653[1]

detected: new threat Hidden.Object (modification) File: C:\sccfg.sys

deleted: Trojan program Trojan.Win32.Monder.wl File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92X87L3Z\css4[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92X87L3Z\css4[2]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92X87L3Z\kb456456[1]

deleted: Trojan program Trojan.Win32.Monder.ahv File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDI5VAN0\kb456456[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDI5VAN0\kb671231[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDI5VAN0\kb767887[1]

deleted: Trojan program Trojan.Win32.Obfuscated.auw File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEKFXW7S\kb111653[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEKFXW7S\kb456456[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEKFXW7S\kb671231[1]

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEKFXW7S\kb767887[1]

deleted: Trojan program Trojan-Downloader.Win32.Small.wxl File: C:\Users\Dad\AppData\Local\Temp\Downloader.exe

deleted: Trojan program Trojan.Win32.Obfuscated.auw File: C:\Users\Dad\AppData\Local\Temp\efcksxgp.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\pgjxavyu.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\rqRKCrRL.dll

deleted: Trojan program Trojan-Downloader.Win32.VB.eyc File: C:\Users\Dad\AppData\Local\Temp\snpp.exe//data0006

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\stgaftmx.dll

deleted: adware not-a-virus:AdWare.Win32.WebHancer.423 File: C:\Users\Dad\AppData\Local\Temp\syswcc32.exe/whAgent.exe

deleted: adware not-a-virus:AdWare.Win32.WebHancer.390 File: C:\Users\Dad\AppData\Local\Temp\syswcc32.exe/whInstaller.exe

deleted: adware not-a-virus:AdWare.Win32.WebHancer.390 File: C:\Users\Dad\AppData\Local\Temp\syswcc32.exe/webhdll.dll

deleted: adware not-a-virus:AdWare.Win32.WebHancer.390 File: C:\Users\Dad\AppData\Local\Temp\syswcc32.exe/whiehlpr.dll

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\tmp00027a75

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\tmp0016e832

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Users\Dad\AppData\Local\Temp\xxyYppMf.dll

detected: riskware Hidden data sending Running process: C:\Windows\Explorer.EXE

deleted: Trojan program Trojan.Win32.Monderc.gen File: C:\Windows\System32\awtuuVMg.dll

deleted: Trojan program Rootkit.Win32.Clbd.cy File: C:\Windows\System32\clbdll.dll

deleted: Trojan program Trojan-Downloader.Win32.VB.eyc File: C:\Windows\System32\netrax06\netrax061083.exe


This is wot is in quartine

Possibly infected: new threat Hidden.Object (modification) C:\sccfg.sys 20 bytes 01/07/2008 20:10:43

so any help will great be apprciated.

Thanks

Edited by i hate win me, 02 July 2008 - 02:34 PM.


#2 law9933

law9933

    Advanced Member

  • Advanced Member
  • 1,524 posts

Posted 02 July 2008 - 09:12 PM

a-squared & SUPERAntispyware are great free programs & free. Run them & what else you have in Safe Mode. The nasties maybe hiding in system restore (clear it & after cleaning make a new restore point.) You probably should just post a HJT log in the subform HJT Logs.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users