Stuck in the middle of Iraq with trojan problems

Status
Not open for further replies.
Two days ago, everything was running fine. Then the programs and folders started closing on there own or end up "Not Responding". Finally the computer became so slow that it was impossible to work on. To open a folder would take several minutes.

I was able to boot to SafeMode and run AVG and a few other things to get some of my problem cleared up and I can again boot normally and somewhat work. I still get the occasional "Not Responding" and Windows Media Player and My Computer always end up that way. They are both unusable. Since the only thing I have to do in this country while not working is watch movies....This is a big problem. I still manage to get to files and folders via putting the file path in IE.

I found many things on scans. Some go away permantly and some come back. Some of the more painful ones were.... Virtumonde, Winzzc32.dll, tuvvutq.dll, ddabx.dll, trojan.dialer.qn and downloader.loadadv.

I am in need of serious help here. I have limited resources and horrible internet speeds.

AVG Anti-Spyware
 
i might be wrong but you shouldn't go to website that you shouldn't be going, those are virus/spy wares haven.

Its nice to hear soldiers from Iraq, but i wanna suggest to you that if you're off duty, you should go and visit Iraq family and children to give them comfort, bring a translator and hear their story in the green zone area. That was the whole purpose you went into Iraq in the first place right? to help those people?
 
Hi Syty and welcome to techspot. =)

Please do not copy and paste your logs in the future as they are against the rules of this forum. Instead, attach your .log or .txt files.

Important: Please read this thread HERE before you decide whether to clean or reformat your system.

Should you decide to clean your computer, do the following.

Run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {0777FDE1-50AB-4E2F-8DC8-23548E111F93} - (no file)
O2 - BHO: (no name) - {0DD38911-D155-47DF-BF67-CF1F31B83B8C} - (no file)
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Ram\LOCALS~1\Temp\20075296720_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Ram\LOCALS~1\Temp\2007529670_mcinfo.exe /insfin
O20 - Winlogon Notify: ddabx - C:\WINDOWS\system32\ddabx.dll (file missing)
O20 - Winlogon Notify: tuvvutq - tuvvutq.dll (file missing)
O20 - Winlogon Notify: winzzc32 - winzzc32.dll (file missing)

Close HJT.

Reboot into normal mode and rehide your protected OS files.

After that, please continue to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given. These are a comprehensive mix of steps to remove common malware, as well as provide us logs of your system to look at so we can further remove any tricky nasties.
Do follow all the instructions exactly.

Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste if not it will be ignored and/or removed.

Also, please let me know the results of the AVG Antirootkit scan


Regards,
Your friendly momok =)

This thread is for the use of Syty only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Condor said:
i might be wrong but you shouldn't go to website that you shouldn't be going, those are virus/spy wares haven.
JEEZE MAN!
Keep your politics out of here -- PLEASE! Syty has enough going on w/o your
opinion on what/why he's overseas. Contribute to the topic or just read some
other thread.
 
Status
Not open for further replies.
Back