Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Going round and round in Trojan purgatory-Help Me

  • This topic is locked This topic is locked
1 reply to this topic

#1 Jmurra21


  • Members
  • 39 posts
  • Local time:09:15 AM

Posted 16 March 2011 - 10:29 AM

First off, let me explain. IO have never had to get outside help for removing malware of any kind before. Although I have often used this site for reference. Now I have a bit of a situation.

I have been struggling with a couple different trojans on my computer. One is Win32/Themida in several locations, One is Trojan.GEn in one location, and two instances of PWS-SpyEye!env.a in two different locations, and a corrupted executable in the following address:

<systemroot> \Users\Josh\AppData\Local\Mozilla\Firefox\Profiles\xmsyhwut.default\Cache\E0CAB40Bd01

I have made multiple attempt to fight this.

I started out running AVG and it found seven instances of that listed above
I then ran SASW in safe mode, after making sure I updated it in normal mode first
I then did a sweep with Malwarebytes Antimalware in safe mode after updating in normal mode first
I then ran Malwarebytes in normal mode after updating the definitions again

I then ran Hijack This to produce a log (which I have posted under the logs forums a couple days ago, yet haven't received a response) and I hope this is because I didn't explain myself first.

I ran all of these and each scan came up with 7 infections reflecting those named above with the exception of the last Malwarebytes scan that said I was clean.

Finally I scanned with AVG this morning, and these infections came back.

Guys, I have no clue what themida is(other than a trojan/backdoor), but I do know that PWS is password stealer. I cant log into college, my business website, my banking or anything until I get this resolved. I posted my original HijackThis log , in the appropriate forum three days ago and have yet to receive an answer. Some one, PLEASE help me.

I will be more than happy to start at square one with you in the removal process if that is what it takes, but please help. I have yet to see one reply at all to my HijackThis log I posted two days ago asking for help, so I am hoping this is the way to go.


BC AdBot (Login to Remove)


#2 Blade


    Strong in the Bleepforce

  • Site Admin
  • 12,735 posts
  • Gender:Male
  • Location:US
  • Local time:08:15 AM

Posted 25 March 2011 - 09:26 PM

Topic Closed. See http://www.bleepingcomputer.com/forums/topic385002.html

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users