smiling111

New Malware.j and Vundo among others! Help!


I just recently solved a problem with cp1041.nls (thank you fatduck) now I am getting viruses popping up like "New Malware.j" and "Vundo" among others. Web pages are popping up at random and everything on my computer is very slow. Takes forever to get to an address and most of the time it forwards me three web pages ahead of what I typed in to advertisements. I am not sure if this is related but all of a sudden in my startup box these items were magically checked.

NEWDOT~2

_A00F1D28E9.exe

_A00F1D28E9.exe

And others that start with _A00F. Could be unrelated. I can barely stay on a page long enough to write this thread. I have run Adaware Professional in safe mode and don't know what to do. I am actually freezing up as I type this. Hope someone can help. I will try to check the thread from a different computer, thanks.

P.


Have you scanned with SUPERAntiSpyware? If not, please do so now and post your scan log here.


Think this is it.

Generated 05/01/2007 at 03:02 AM

Application Version : 3.7.1018

Core Rules Database Version : 3227

Trace Rules Database Version: 1238

Scan type : Quick Scan

Total Scan Time : 00:47:21

Memory items scanned : 383

Memory threats detected : 4

Registry items scanned : 730

Registry threats detected : 111

File items scanned : 14876

File threats detected : 114

Hope someone can help


After you rebooted, you still have problems? It looks like we detected quite a bit of spyware on your system.


FYI:

This log is typical of how most malware enters a system: Trojan Horses.

These are programs that look legitimate, but contain an Adware/Spyware payload which is the Trojan Horse.

Word of warning: When you're surfing the web and a popup comes up that is similar to the following, then keep your distance:

"Your computer is infected with spyware! Click here to download 'such and such'."

"We've detected that your registry contains errors. Click here to download..."

Also, many of those fancy screensavers and pointers are also Trojan Horses.


Well still getting web pages opening up by themselves. Think it is a little better. I will try running it again and rebooting right after I run it......or even run it in safe mode. I should have rebooted right after but got sidetracked. The problem usually gets worse the longer the computer is on. I will let you know.


Still getting MANY web pages opening with advertisements. Usually about three pages in one window, i.e. if you click the back button there are three pages there. Woke up this morning and there were 40 Microsoft Explorer windows open. Grrr I hate my computer.


Did you scan in Safe Mode and immediately reboot?


smiling111, that is quite a scary log. :shock: I do hope you get it cleaned.

If you are happy to provide the feedback I would be interested in knowing what sort of real-time defences you have in place. No other reason other than my own curiosity.


I rebooted from safe mode and it seems pretty cool now except! When I rebooted the first time my desktop would not load. It was just the wallpaper and nothing else....not even a tab on the bottom. I Ctrl/Alt/Del and restarted that way. That was very odd....should I be concerned? Popups seem to be ok now knock on wood.

To answer sunniebear. I don't have anything real time. What do you recommend? Superantispyware seemed to do a great job cleaning the computer, does it also protect while it runs?


Sometimes malware messes with things upon removal, you can now boot correctly right? SUPERAntiSpyware Professional will help protect your system with our real-time protection.


I just rebooted again and all seems fine for now. That is a great program just had my mom do the same thing.

When the little bug is next to my time does that mean it is protecting?

Thanks again.


If you are running the Professional version - yes, then it is protecting - if not, buy the Professional version - obviously it works :)


Do you have an AV installed? If you don't why not try the SAS Pro version, with maybe AVG Free anti-virus and see the difference it will make to the number of infections actually getting into your system. :)
