[ask/help]malware and trojan OnlineGame and VertuMundo, plz help me...im desperate...

Discussion in 'ESET NOD32 Antivirus' started by SETAN13, May 3, 2008.

Thread Status:
Not open for further replies.
  1. SETAN13

    SETAN13 Registered Member

    Joined:
    May 2, 2008
    Posts:
    4
    hi there guys,

    i try to formated my pc and its gone..

    but another thing come in again..with trojan OnlineGame..

    i dunno what to do...and im kinda newbie in this area...i try everything in my power of knowledge that i think i met the dead end..so plz help me..

    this is log from HJT and ESET online scanner which help to see diagnose my problem

    ~HiJack This log removed per Policy.~

    and this from ESET online scanner
    Code:
    # version=4
    # OnlineScanner.ocx=1.0.0.635
    # OnlineScannerDLLA.dll=1, 0, 0, 79
    # OnlineScannerDLLW.dll=1, 0, 0, 78
    # OnlineScannerUninstaller.exe=1, 0, 0, 49
    # vers_standard_module=3072 (20080503)
    # vers_arch_module=1.064 (20080214)
    # vers_adv_heur_module=1.064 (20070717)
    # EOSSerial=3f77c039b3326d44a6b0cfac014bb69b
    # end=finished
    # remove_checked=true
    # unwanted_checked=true
    # utc_time=2008-05-03 06:05:43
    # local_time=2008-05-03 06:05:43 (+1200, New Zealand Standard Time)
    # country="United States"
    # osver=5.1.2600 NT Service Pack 2
    # scanned=441277
    # found=11
    # scan_time=2699
    # nod_component=V3 Build:0x30000000 ()
    C:\WINDOWS\system32\fool0.dll	Win32/Pacex.Gen virus (unable to clean - deleted (after the next restart))	00000000000000000000000000000000
    C:\WINDOWS\system32\ieso0.dll	Win32/Pacex.Gen virus (unable to clean - deleted)	00000000000000000000000000000000
    D:\Windows killer\wga killer.rar	probably a variant of Win32/TrojanDownloader.Agent trojan (deleted)	00000000000000000000000000000000
    D:\Windows killer\wga killer.rar »RAR »wga killer\Windows XP Keygen.exe	probably a variant of Win32/TrojanDownloader.Agent trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object)	00000000000000000000000000000000
    D:\Windows killer\WGA_Permanent_PatcherP5575987.rar	probably a variant of Win32/TrojanDownloader.Agent trojan (deleted)	00000000000000000000000000000000
    D:\Windows killer\WGA_Permanent_PatcherP5575987.rar »RAR »Windows XP Keygen.exe	probably a variant of Win32/TrojanDownloader.Agent trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object)	00000000000000000000000000000000
    D:\Windows killer\Windows_XP_Professional_by_Unknown.zip	probably a variant of Win32/TrojanDownloader.Agent trojan (deleted)	00000000000000000000000000000000
    D:\Windows killer\Windows_XP_Professional_by_Unknown.zip »ZIP »KeyGen.exe	probably a variant of Win32/TrojanDownloader.Agent trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object)	00000000000000000000000000000000
    E:\Programs\Atari Act of war high Treason 1.0.rar	multiple infiltrations (deleted)	00000000000000000000000000000000
    E:\Programs\Atari Act of war high Treason 1.0.rar »RAR »keygen.exe	Win32/Adware.Virtumonde application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object)	00000000000000000000000000000000
    E:\Programs\Atari Act of war high Treason 1.0.rar »RAR »crack.exe	Win32/Dialer.NER trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object)	00000000000000000000000000000000
    this is some pic that might help u to analyze my prob

    http://i20.photobucket.com/albums/b209/jinzo13/virus/abisdiklik.jpg
    this when i open my computer

    http://i20.photobucket.com/albums/b209/jinzo13/virus/trusjadibegini.jpg
    after i click one of my partition it open to a new window and the threat notice pop up..

    i hope the information is enough to help u guys identify everything of my probx..

    and i hope it can fix soon with THE POWER OF WILDERSSECURITY :p

    cheers

    P.S i forgot to mention taht i use NOD32 v3 smart security and spyware doctor

    i hope i can fix my own Y_Y

    plz heelp me..

    cheers again :p
     
    Last edited by a moderator: May 3, 2008
  2. ASpace

    ASpace Guest

    Hello!

    First , Wilders doesn't provide malware cleaning services . Second , is your NOD32 even legal ? Is your Windows genuie ? I doubt .

    ESET Online scanner detected trojans in keygen , which are used to "make illegal Windows legal"

     
  3. SETAN13

    SETAN13 Registered Member

    Joined:
    May 2, 2008
    Posts:
    4
    yup i know that...

    dun angry at me im just an international student Y_Y

    i already erase taht one...

    so is there any chance to fix everything up..??

    and sorry for misunderstanding that i am not asking for malware cleaning services if u u guys can show me the steps to fix my PC that will be great...^^

    i will do the cleaning ^^ i am asking for the guidance

    thank you
     
    Last edited: May 3, 2008
  4. ASpace

    ASpace Guest

    Hi!

    The best thing would be to create a back-up , completely format the hard drive and do a clean install of an OS .

    The best would be to buy Windows and all the softwares you need (including antivirus software , back-up software , office suit , etc ...) . This guarantees you quality and support . You have fallen victim of the cracks you have used but there is no free lunch .

    If you can't afford buying Windows and other software , order or download Linux . Linux is free operating system which comes bundled with pretty much things . You can have a lot free programs to use on it. On Linux most likely you won't need an antivirus software . Search in Google for different Linux distros - such as Suse , Ubunto , etc....
     
  5. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi, here is example of this threat => http://secit.sk/?q=node/214

    As you can see, it creates DLL, which is loaded in process explorer.exe. You have to find that, stop explorer.exe and remove DLL and values in Registry. But this variant can do something different (when I see .sys in Temp directory).

    If you want, you can PM me and we solve it. ;)
     
  6. SETAN13

    SETAN13 Registered Member

    Joined:
    May 2, 2008
    Posts:
    4
    thank you very much...i really needed man..

    but i dun think i can PM u coz when i tried just now PM has been disable..

    so is there any probability for us to solve my problem in this thread..??

    i will very much appreciated..

    cheers
     
  7. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
Thread Status:
Not open for further replies.