Browsermodifier win32/fotomoto yikes!

Status
Not open for further replies.

ineedsomehelp

I just recently started having a major pop-up issue with the internet and my computer is also running slow, so I downloaded Windows Defender and I get this popup every 30 seconds saying BrowserModifier:Win32/Fotomoto wants to harm my computer. I am really bad with computers and need some serious help.
 
Hello and welcome to TechSpot.

Very important: Malware infections can lead to identity theft, credit card misuse, loss of funds from bank accounts, etc. Therefore, I strongly suggest that you read this thread before deciding whether to clean or reformat your computer.

If you decide to clean your system after reading the above thread, please do the following.

Go and read the Viruses/spyware/malware preliminary removal instructions. Follow all the instructions exactly.

Post fresh HijackThis, ComboFix, and AVG Anti-Spyware logs as attachments, only after doing the above.

Please post the results of the Panda Anti-rootkit scan as well.

Regards :)

This thread is for the use of ineedsomehelp only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
 
Thanks for replying!
Before I decide what actions to take I would like to ask something. Will there still be a high possibility that these viruses can take credit card information even after removing them? I don't have any serious information on my computer at the moment, but I plan on using this computer for business in the future.
 
If you haven't used your computer for business, online banking, or storing sensitive information, then I'd recommend cleaning. If you do any of the activities mentioned, it would probably be a good idea to reformat.

After the malware is removed from your computer, you can use your computer for business, as long as you have good antispyware, antivirus, and firewall software (and keep it updated).

Regards :)
 
On step 7 I accidentally forgot to make sure the Teatimer protection was disabled during installation. How do I get rid of this?
 
You can find information on disabling Teatimer protection here (scroll down to the "To de-activate ( disable ) Tea timer" section).
 
Finally finished, here's the Panda results:

Panda Anti-Rootkit v1.08.0 scan and cleaning results:
no rootkits have been found
Items scanned: 5551
rootkits detected: 0
known rootkits: 0
unknown rootkits: 0
rootkits removed: 0
rootkits sent to panda: 0

The ComboFix, AVG Anti-Spyware log and HijackThis log have been attached.
 
Sorry about the delay.

Go into Add/Remove Programs in your control panel and remove anything relating to SpywareBot. This is a rogue program.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop.

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon, which will open a new window titled "open Script File".
Navigate to the file you have just downloaded, click on it and press Open.
Now click on the Green Light to begin execution of the script.
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will restart your computer. (In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop. This is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply.

Regards :)
 
Thanks for helping me out even on the holidays =D
I couldn't find any SpywareBot programs on my list of programs. Here's the Avenger results, I don't think it went well.
 
That looks fine. If it couldn't find the files, that probably means they were deleted by one of your anti-virus or anti-spyware programs.

Please post a fresh HJT and ComboFix log. Hopefully your system is clean now.

Regards :)
 
I'm just a little concerned about these 2 entries in ComboFix:

C:\WINDOWS\system32\drivers\ehkkrat^.sys
C:\WINDOWS\system32\vbzip10.dll

I'd delete them though.
 
Thanks, the Fotomoto problem is gone though. I just need someone to see if all my problems are gone, and I think there's something used for getting rid of all these programs I used.
 