ssims4 Posted November 5, 2009 Report Share Posted November 5, 2009 My computer has a trojan that will not allow me to run spybot, hijackthis or antivirus. I downloaded a2free to memory stick and below is the scan. a2free will delete the trojan,but it comes back when I reboot. Any help you can give would be appreciated. Thanks a-squared Free - Version 4.5 Last update: 11/4/2009 8:34:19 PM Scan settings: Scan type: Deep Scan Objects: Memory, Traces, Cookies, C:\ Scan archives: On Heuristics: Off ADS Scan: On Scan start: 11/4/2009 9:47:47 PM C:\WINDOWS\system32\mseun3er8.dll detected: Trojan.Generic.IS!IK c:\program files\enigma software group detected: Trace.Directory.SpyHunter!A2 c:\program files\enigma software group\spyhunter\esgrkchk.exe detected: Trace.File.SpyHunter!A2 c:\program files\enigma software group\spyhunter\hosts.bak detected: Trace.File.SpyHunter!A2 c:\program files\enigma software group\spyhunter\install.log detected: Trace.File.SpyHunter!A2 c:\program files\enigma software group\spyhunter\purl.dat detected: Trace.File.SpyHunter!A2 c:\program files\enigma software group\spyhunter\spyhunter.log detected: Trace.File.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> ConfirmTransfers detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> Homepage_choosed detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> Homepage_flags detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> Hosts_flags detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> IE_Homepage detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> PromptActiveDesktop detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> PromptWindowsComponents detected: Trace.Registry.SpyHunter!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig --> SmartScanOn detected: Trace.Registry.SpyHunter!A2 c:\program files\regcure\ detected: Trace.Directory.RegCure!A2 Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE detected: Trace.Registry.Funwebproducts!A2 Scanned Files: 151290 Traces: 439636 Cookies: 12 Processes: 41 Found Files: 17 Traces: 16 Cookies: 0 Processes: 0 Registry keys: 0 Scan end: 11/4/2009 10:40:30 PM Scan time: 0:52:43 Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 5, 2009 Report Share Posted November 5, 2009 Hello and welcome to the EMSI Software support forums. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread Traduction anglais-français: http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fsupport.emsisoft.com%2Findex.php%3F%2Fforum-6%2Fannouncement-2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread%2F&sl=en&tl=fr&history_state0= Englisch > Deutsch Übersetzung: http://translate.google.com/translate?hl=en&sl=en&tl=de&u=http%3A%2F%2Fsupport.emsisoft.com%2Findex.php%3F%2Fforum-6%2Fannouncement-2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread%2F Inglese Traduzione italiana: http://translate.google.com/translate?hl=en&sl=en&tl=it&u=http%3A%2F%2Fsupport.emsisoft.com%2Findex.php%3F%2Fforum-6%2Fannouncement-2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread%2F Traducción del Inglés al Español: http://translate.google.com/translate?hl=en&sl=en&tl=es&u=http%3A%2F%2Fsupport.emsisoft.com%2Findex.php%3F%2Fforum-6%2Fannouncement-2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread%2F Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 9, 2009 Report Share Posted November 9, 2009 Thread Closed Reason: Lack of Response PM either ShadowPuterDude or Lynx to have this thread reopened. The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread Link to comment Share on other sites More sharing options...
Recommended Posts