
Trojan Virus


Name: Ravcmykids
Date: May 25, 2009 at 10:31:57 Pacific
OS: Microsoft Windows Vista Home Premium
CPU/Ram: 1.795 GHz / 3062 MB
Product: Gateway / Gt5622
Subcategory: Viruses
Comment:

I am unable to do anything online with this computer unless it is in safe mode. Every time I attempt to open a website, it blocks it with a "personal antivirus" dark red box, saying that the site is potentially dangerous to the computer, and urges me to install the software. I never installed a "personal antivirus" so I am thinking that it is the virus, but I am not savvy on viruses so I need some help. Please, walk me through how to get rid of this thing, so I can get back online?




Response Number 1
Name: jdk (by neoark)
Date: May 25, 2009 at 10:51:37 Pacific
Reply:

Download and run Kaspersky AVP tool:

http://devbuilds.kaspersky-labs.com...

Once you download and start the tool, select all the objects/places to be scanned and hit Scan. Fix what it detects and, at the end of the scan, post a screenshot/log of the detected items that were fixed and those it could not fix. Once you post the log we will continue with further steps from there.


Response Number 2
Name: jdk (by neoark)
Date: May 25, 2009 at 11:35:02 Pacific
Reply:

Can you please post your AVZ log:
Note: Run AVZ in Windows normal mode. If avz.exe doesn't start, then try to rename the file avz.exe to something else and try to run it again.

1) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.

2) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.

3) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows Vista, launch AVZ.exe by right clicking and selecting Run as Administrator.

You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.

begin
ExecuteStdScr(3);
RebootWindows(true);
end.

Paste the script into the execution window by using the CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script; the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.


Response Number 3
Name: Ravcmykids
Date: May 25, 2009 at 17:58:01 Pacific
Reply:

5/25/2009 12:18:41 PM File: C:\Users\Rhiannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Z2U6R9Y\file[1].exe detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 12:18:41 PM File: C:\Users\Rhiannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Z2U6R9Y\file[1].exe not disinfected postponed
5/25/2009 12:19:58 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACaf8.tmp detected Trojan program 'Packed.Win32.Tdss.m'
5/25/2009 12:19:58 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACaf8.tmp not disinfected postponed
5/25/2009 12:19:58 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACdb6.tmp detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 12:19:58 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACdb6.tmp not disinfected postponed
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/agntcons.vbs password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/agntlang.vbs password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/comctl.lpk password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/config.ini password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/pbar.vbs password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/UnInsStr.vbs password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/uninst.vbs password protected
5/25/2009 1:23:52 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/uninstall.htm password protected
5/25/2009 2:27:52 PM File: C:\Users\Rhiannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Z2U6R9Y\file[1].exe detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 2:27:52 PM File: C:\Users\Rhiannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Z2U6R9Y\file[1].exe not disinfected postponed
5/25/2009 2:29:10 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACaf8.tmp detected Trojan program 'Packed.Win32.Tdss.m'
5/25/2009 2:29:10 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACaf8.tmp not disinfected postponed
5/25/2009 2:29:10 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACdb6.tmp detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 2:29:10 PM File: C:\Users\Rhiannon\AppData\Local\Temp\UACdb6.tmp not disinfected postponed
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/agntcons.vbs password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/agntlang.vbs password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/comctl.lpk password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/config.ini password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/pbar.vbs password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/UnInsStr.vbs password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/uninst.vbs password protected
5/25/2009 5:07:27 PM File: D:\i386\Apps\App001465\Apps\MSC\msclgmis.cab/screm.ui/uninstall.htm password protected
5/25/2009 5:27:37 PM File: c:\users\rhiannon\appdata\local\microsoft\windows\temporary internet files\content.ie5\6z2u6r9y\file[1].exe detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 5:44:34 PM File: c:\users\rhiannon\appdata\local\microsoft\windows\temporary internet files\content.ie5\6z2u6r9y\file[1].exe deleted
5/25/2009 5:44:34 PM File: c:\users\rhiannon\appdata\local\temp\uacaf8.tmp detected Trojan program 'Packed.Win32.Tdss.m'
5/25/2009 5:44:54 PM File: c:\users\rhiannon\appdata\local\temp\uacaf8.tmp not disinfected cannot be disinfected
5/25/2009 5:44:54 PM File: c:\users\rhiannon\appdata\local\temp\uacaf8.tmp deleted
5/25/2009 5:44:55 PM File: c:\users\rhiannon\appdata\local\temp\uacdb6.tmp detected Trojan program 'Trojan.Win32.TDSS.adrc'
5/25/2009 5:44:55 PM File: c:\users\rhiannon\appdata\local\temp\uacdb6.tmp deleted



Response Number 4
Name: jdk (by neoark)
Date: May 25, 2009 at 18:02:25 Pacific
Reply:

Attach the whole log (upload it to rapidshare.com).

