IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Cannot get rid of adware/trojans
Nanny
post 6.05.2007 01:13
Post #1


Member
**

Group: Members
Posts: 26
Joined: 5.05.2007




I have done several scans with Kaspersky and the problems keep coming back. I disabled my system recover and booted into safe mode and ran a scan. It only found and deleted one object. I restarted my computer and the same things keep happening. I get lots of alerts from Kaspersky and when I'm on the internet, pages keep popping up that I don't ask for. I also have Spy Bot which found Smitfraud-C.toobar888. I deleted it but it comes back. I have Adaware SE PLUS and it doesn't solve the problem either.

Here is a copy of my detected items in Kaspersky:

detected: riskware Invader Running process: C:\WINDOWS\system32\winlogon.exe
detected: riskware Invader Running process: C:\WINDOWS\system32\rundll32.exe
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.ir File: c:\windows\system32\edyehkbt.dll
detected: adware not-a-virus:AdWare.Win32.Virtumonde.hb URL:
detected: adware not-a-virus:AdWare.Win32.Virtumonde.ir URL:
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.ir File: C:\System Volume Information\_restore{A1B7EF41-FEF0-45A3-961C-94F744650990}\RP120\A0015513.dll
deleted: adware not-a-virus:AdWare.Win32.NewDotNet File: G:\System Volume Information\_restore{A1B7EF41-FEF0-45A3-961C-94F744650990}\RP45\A0006313.exe//WiseSFX Dropper//WISE0017.BIN
deleted: adware not-a-virus:AdWare.Win32.Relevant.a File: G:\System Volume Information\_restore{A1B7EF41-FEF0-45A3-961C-94F744650990}\RP45\A0006313.exe//WiseSFX Dropper//WISE0024.BIN
deleted: Trojan program Trojan-Spy.Win32.VBStat.h File: C:\WINDOWS\system32\kgjhvvpw.dll
deleted: Trojan program Trojan-Dropper.Win32.Agent.bhc File: C:\WINDOWS\system32\WinFlyer32.dll
deleted: adware not-a-virus:AdWare.Win32.WinAD.a File: G:\My Documents G\Overnet Incoming\incoming\incoming\Cinema Craft Encoder (CCE-SP) v2.62.ShareReactor.rar/cce225.zip/cctsp_patch.exe//UPX
detected: riskware Invader Running process: C:\Program Files\Spyware Doctor\swdsvc.exe
detected: riskware Invader Running process: C:\Documents and Settings\Administrator\Local Settings\Temp\is-URJTC.tmp\is-U6A21.tmp
detected: riskware Invader Running process: C:\WINDOWS\system32\cmd.exe
detected: riskware Invader Running process: C:\WINDOWS\system32\net.exe
detected: riskware Invader Running process: C:\WINDOWS\system32\services.exe
detected: riskware Invader Running process: C:\WINDOWS\Explorer.EXE
detected: riskware Invader Running process: C:\Program Files\Spyware Doctor\SDTrayApp.exe
detected: riskware Invader Running process: C:\Program Files\Spyware Doctor\sdloader.exe
detected: riskware Invader Running process: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
detected: riskware Invader Running process: C:\Program Files\Spyware Doctor\swdoctor.exe
detected: riskware Invader Running process: C:\WINDOWS\system32\nvsvc32.exe
detected: riskware Invader Running process: C:\WINDOWS\system32\svchost.exe
detected: riskware Invader Running process: C:\WINDOWS\System32\svchost.exe
detected: riskware Invader Running process: C:\Program Files\Spyware Doctor\unins000.exe
detected: riskware Invader Running process: C:\Documents and Settings\Administrator\Local Settings\Temp\_iu14D2N.tmp
detected: Trojan program Trojan-Spy.Win32.VBStat.h
detected: virus Packed.Win32.Klone.j URL:
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.ir File: C:\WINDOWS\system32\lrviwuye.dll


Would someone please help me?

Thanks,
Nanny

This post has been edited by lucianbara: 7.05.2007 13:47
Go to the top of the page
 
+Quote Post
Lucian Bara
post 6.05.2007 01:17
Post #2


Are You Kidding?
*****************

Group: Gold beta testers
Posts: 56947
Joined: 28.01.2006
From: Timisoara, Romania




hello
invader with spyware doctor is normal. (IMO you should drop spyware doctor and use something like superantispyware)
for the virtumonde problem use vundofix: http://www.atribune.org/content/view/24/2/
(follwo the steps on that page).
when you are done perform a scan with superantispyware: http://www.superantispyware.com/
Go to the top of the page
 
+Quote Post
Nanny
post 6.05.2007 01:30
Post #3


Member
**

Group: Members
Posts: 26
Joined: 5.05.2007




Thank You Lucianbara for your quick reply I uninstalled Spydoctor and bought the Lavasoft Adaware SE PLUS. I never did buy the Spydoctor just tried it and didn't like it so I uninstalled it right away. My problems started before I downloaded Spydoctor though. Should I download the other programs you suggest even though I have Spy Bot and Adaware?

I will try the virtumonde to fix the other problem.

QUOTE(lucianbara @ 5.05.2007 15:17)
hello
invader with spyware doctor is normal. (IMO you should drop spyware doctor and use something like superantispyware)
for the virtumonde problem use vundofix: http://www.atribune.org/content/view/24/2/
(follwo the steps on that page).
when you are done perform a scan with superantispyware: http://www.superantispyware.com/
*
Go to the top of the page
 
+Quote Post
Baz^^
post 6.05.2007 01:32
Post #4


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




Yes, do download SUPERantispyware, it is much better that Adaware and spybot (in my humble opinion). wink.gif

This post has been edited by MAPKOBKA^^: 6.05.2007 01:50


--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post
Nanny
post 6.05.2007 01:42
Post #5


Member
**

Group: Members
Posts: 26
Joined: 5.05.2007




Thank You MAPKOBKA!

I ran the vundofix and fixed that problem. I will download the SUPERantispyware and run it. I really appreciate all the help you people give me.

Thanks again to all of you.

Nanny

QUOTE(MAPKOBKA^^ @ 5.05.2007 15:32)
Yes, do download SUPERantispyware, it is much better that Adaware and spybot (in my humble opinion). wink.gif
*
Go to the top of the page
 
+Quote Post
Baz^^
post 6.05.2007 02:07
Post #6


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




Let us know how it goes, if you are still having problems be sure to tell us!

I use SUPERantispyware myself, and I have used it when disinfecting machines infected with all sorts of nasty malware, I can honestly say it is one of the better apps I have used in conjunction with Kaspersky Anti Virus.


--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post
Nanny
post 6.05.2007 03:35
Post #7


Member
**

Group: Members
Posts: 26
Joined: 5.05.2007




Hi MAPKOBKA,

Thanks for worrying about me. I had to run the vundofix 4 times and the SUPERantispyware 3. I ran my Kaspkersky and my Adaware too! LOL My machine is finally clean! WooHoo. I guess one has to be stubborn and keep trying but it works!

This forum is excellent! I appreciate the quick and knowledgable responses I got. I wrote on several different forums and you were the only one that answered fast and actually helped me.

Thank You...Thank You...Thank You!

Hope you have a Fantastic Weekend! biggrin.gif

Nanny

BTW, Nice Rig you've got there. Love the
QUOTE
20GB HDD and a hampster in a wheel to power it.
and liquid cooled! You must be a big gamer!?! biggrin.gif


QUOTE(MAPKOBKA^^ @ 5.05.2007 16:07)
Let us know how it goes, if you are still having problems be sure to tell us!

I use SUPERantispyware myself, and I have used it when disinfecting machines infected with all sorts of nasty malware, I can honestly say it is one of the better apps I have used in conjunction with Kaspersky Anti Virus.
*


This post has been edited by Nanny: 6.05.2007 03:46
Go to the top of the page
 
+Quote Post
Baz^^
post 6.05.2007 03:37
Post #8


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




Good to hear you sorted out your problem wink.gif

You have yourself a good weekend too!


--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post
Baz^^
post 6.05.2007 03:57
Post #9


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




Oh yes Nanny, I am a big gamer wink.gif

I think that hampster is the best psu I have ever had so far. Beats the one in my main desktop- it is very quiet, except it has an annoying squeak every time the wheel turns tongue.gif


--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 16.09.2014 19:27