My new (to me) computer is swamped with virus/trojan/adware/spyware and I am at a loss to what to do next.
It is a Dell Dimension 3000 running XP ver 5.2.25 with 2MB memory.
I have done/run the folloing steps.
1. Dell's diagnostic hardware check - ok
2. Had to boot in Dell's Diagnostic mode because the system hung up after displaying the wallpaper in a normal boot
3. System Restore is on
4. Tried to run Trend's HouseCall - IE re-directed, or shut down over & over
.
5. Safe Boot, then was able to run HouseCall - quick scan. Found 3 problems:
gamevanceli Threat ADW GAMEVANCE, Spyware, Risk High Fixed
gvtl.dll ADW GAMEVANCE Spyware, Risk High, Fixed
asr_emon.dll BKDR URSNIF.Q trojan High, fixed at restart
.
6. Run Housecall - complete scan. Found 4 problems
Trojan horse - File: upgrad~1.cab Threat: TROJ gen.MZ40P8, Risk Medium
Trojan horse - File: 0000522c.tmp Threat: TROJ Gen.MZ40Q4 Risk Medium
Spyware GAMEVA~1.exe Threat: High ADW GAMEVANCE
Spywaregvun.exe Threat: High ADW GAMEVANCE
.
7. Re-booted Normal mode
8. Ran Malwarebytes. Found 38 adware 2 disabled security items (registrykey), 1 walware & 1 trojan - fixed all
.
9. Tried to run Windows Updates - stopped during install with error file c:\windows\system32\drivers\atapi.sys is open or in use by another application.
10. Don't have the 2 programs Windows suggested might be locking the files
.
11. Uninstall Network Magic
12. Ran Panda Active Scan: Found 19 threats, was unable to disinfect the following items:
adware/zwangi (has wyeke in dll)
try/genetic.ge - generic trojans
adware/onestep
trj/lineage.LG virus
.
13. Downloaded & installed Panda PandaCloud Antivirus
14. When I tried to run it, it said it needed to repair the installation. After repairing, needed to re-boot the computer. When I tried to run it again, I got message : Unexpected error code (1)
.
15. Ran SuperAntiSpyWare. found 2 register items were suspicious, but software didn't want to delete them.
.
16. Microsoftws Safety Scanner (OneCare) 3 issues found, 33 items detected, 2 issues & 3 items already cleaned
.
17. Ran MalwareBytes again. Found wyeke items, says was able to delete them
.
18. Installed & ran AVG antivirus. Found 1 item, but when I run IE it is still re-directed.
.
I give. Thanks for your help.
I forgot to tell you - I saved all the logs from the scans and I have these logs hijackthis, DDS, ActiveScan, Attach, Ark, Uninstall_list if you would like to see them
Edited by dathorpes, 07 June 2010 - 02:32 PM.