Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Re-Direct I.E. Wyeke, Gamevance & Others


  • Please log in to reply
1 reply to this topic

#1 dathorpes

dathorpes

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arizona: but it's a dry heat
  • Local time:09:06 PM

Posted 07 June 2010 - 12:01 PM

Hi great computer wizards in the sky. I am in need of your expertise.

My new (to me) computer is swamped with virus/trojan/adware/spyware and I am at a loss to what to do next.
It is a Dell Dimension 3000 running XP ver 5.2.25 with 2MB memory.

I have done/run the folloing steps.

1. Dell's diagnostic hardware check - ok
2. Had to boot in Dell's Diagnostic mode because the system hung up after displaying the wallpaper in a normal boot
3. System Restore is on
4. Tried to run Trend's HouseCall - IE re-directed, or shut down over & over
.
5. Safe Boot, then was able to run HouseCall - quick scan. Found 3 problems:
gamevanceli Threat ADW GAMEVANCE, Spyware, Risk High Fixed
gvtl.dll ADW GAMEVANCE Spyware, Risk High, Fixed
asr_emon.dll BKDR URSNIF.Q trojan High, fixed at restart
.
6. Run Housecall - complete scan. Found 4 problems
Trojan horse - File: upgrad~1.cab Threat: TROJ gen.MZ40P8, Risk Medium
Trojan horse - File: 0000522c.tmp Threat: TROJ Gen.MZ40Q4 Risk Medium
Spyware GAMEVA~1.exe Threat: High ADW GAMEVANCE
Spywaregvun.exe Threat: High ADW GAMEVANCE
.
7. Re-booted Normal mode
8. Ran Malwarebytes. Found 38 adware 2 disabled security items (registrykey), 1 walware & 1 trojan - fixed all
.
9. Tried to run Windows Updates - stopped during install with error file c:\windows\system32\drivers\atapi.sys is open or in use by another application.
10. Don't have the 2 programs Windows suggested might be locking the files
.
11. Uninstall Network Magic
12. Ran Panda Active Scan: Found 19 threats, was unable to disinfect the following items:
adware/zwangi (has wyeke in dll)
try/genetic.ge - generic trojans
adware/onestep
trj/lineage.LG virus
.
13. Downloaded & installed Panda PandaCloud Antivirus
14. When I tried to run it, it said it needed to repair the installation. After repairing, needed to re-boot the computer. When I tried to run it again, I got message : Unexpected error code (1)
.
15. Ran SuperAntiSpyWare. found 2 register items were suspicious, but software didn't want to delete them.
.
16. Microsoftws Safety Scanner (OneCare) 3 issues found, 33 items detected, 2 issues & 3 items already cleaned
.
17. Ran MalwareBytes again. Found wyeke items, says was able to delete them
.
18. Installed & ran AVG antivirus. Found 1 item, but when I run IE it is still re-directed.
.
I give. Thanks for your help.

I forgot to tell you - I saved all the logs from the scans and I have these logs hijackthis, DDS, ActiveScan, Attach, Ark, Uninstall_list if you would like to see them

Edited by dathorpes, 07 June 2010 - 02:32 PM.


BC AdBot (Login to Remove)

 


#2 dathorpes

dathorpes
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arizona: but it's a dry heat
  • Local time:09:06 PM

Posted 07 June 2010 - 03:32 PM

I read the directions on posting messages, (this is my first post) I am worried, I posted it in the wrong place. Should I have posted it in Security > Virus, Trojan, Spyware, and Walware Removal Logs?

Sorry for the confusion, and thanks for the help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users