Hello everyone,
Recently I came in some sort of website and downloaded *.exe type self-extracting winrar archive. I usually don't use any antivirus software because I feel confident with my experience using internet and pc for many years. I only use kaspersky website for online file scaning if I suspect that file might be infected. But this time I made a mistake. I thought that self-extracting archive can't do any harm, just to extract files but it's wrong. There were 4 files in the archive containing 3 *.exe files and 1 readme.bat file. Archive contained a comment which is: setup=readme.bat . The bat files executes these 3 exe files which were infected with trojans. Kaspersky online file scanner identifies these as:
1) not-a-virus:AdWare.Win32.Virtumonde.jp
2) Trojan-Downloader.Win32.LoadAdv.gen
3) Trojan.Win32.Dialer.qn
I installed NOD32 but it doesn't seem to eliminate these trojans. I've noticed strange behaviour in IE and FF browsers after infection. NOD32 (IMON) detected Win32/Spy.VBStat.J and offered to terminate it. I did so but I still experience unexpected opening of some URLs in IE although I only use FF.
I need instructions for cleaning these trojans completely.
Hijackthis log attached. (Ran in safe mode).
Thank you for your help.
P.S. As I as writing I noticed that Browse button stopped working in FF so I tried uploading the log with IE and it worked but IE opened some other website and NOD32 (IMON) reported a threat which is Win32/Adware.WinFixer application.
Recently I came in some sort of website and downloaded *.exe type self-extracting winrar archive. I usually don't use any antivirus software because I feel confident with my experience using internet and pc for many years. I only use kaspersky website for online file scaning if I suspect that file might be infected. But this time I made a mistake. I thought that self-extracting archive can't do any harm, just to extract files but it's wrong. There were 4 files in the archive containing 3 *.exe files and 1 readme.bat file. Archive contained a comment which is: setup=readme.bat . The bat files executes these 3 exe files which were infected with trojans. Kaspersky online file scanner identifies these as:
1) not-a-virus:AdWare.Win32.Virtumonde.jp
2) Trojan-Downloader.Win32.LoadAdv.gen
3) Trojan.Win32.Dialer.qn
I installed NOD32 but it doesn't seem to eliminate these trojans. I've noticed strange behaviour in IE and FF browsers after infection. NOD32 (IMON) detected Win32/Spy.VBStat.J and offered to terminate it. I did so but I still experience unexpected opening of some URLs in IE although I only use FF.
I need instructions for cleaning these trojans completely.
Hijackthis log attached. (Ran in safe mode).
Thank you for your help.
P.S. As I as writing I noticed that Browse button stopped working in FF so I tried uploading the log with IE and it worked but IE opened some other website and NOD32 (IMON) reported a threat which is Win32/Adware.WinFixer application.