Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 2 of 2 Posts

· Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
Hi!My name is Electra and I have a problem with my pc(Windows XP)and it's called win32.trojandownloader.newmedia and it really makes me nervous!!:( I tried many ways(like Adaware,panda-my antivirus,and some more) to fix this but unfortunately I couldn't!I finally thought about forums of genius people:p to help me with my problem!I read about another cases with this virus and I end up with the solution of "cybertech" to install the "SDFix"!I did it actually and since then(about 10 minutes)I haven't watched any prob yet!But I'm scared in the idea of appering this virus again into my pc!So I need help!!!
I 'll post now the report...

SDFix: Version 1.112

Run by electra on ƒœ¬ 29/10/2007 at 11:50 ££

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOCUME~1\ELECTRA\Desktop\y\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value

Rebooting...

Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\bxsbang.dll - Deleted
C:\WINDOWS\kthemup.exe - Deleted
C:\WINDOWS\movctrlknq.dll - Deleted
C:\WINDOWS\nssfrch.dll - Deleted
C:\WINDOWS\ocgrep.dll - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
 

· Registered
Joined
·
1,164 Posts
Howdy electraland,

Welcome to TSG. Very chancy move just applying any of the specialty tools in use in this forum without specific knowledge of the outcomes they might produce. Infection was surely located in that scan, but let's get some more basic diagnostic looks first here.

Download HijackThis from Here. Click on the downloaded file to install HijackThis. Then open HijackThis and select Do a system scan and save logfile. Use copy/paste and post that log.

Also go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file here, along with the HijackThis log please.
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top