Home > General > Trojan-Downloader.Win32.PurityScan.dx

Trojan-Downloader.Win32.PurityScan.dx

It often comes bundling with some free software which you can always get from online websites easily. o It will open in your default text editor (such as Notepad/Wordpad). User: MSHOME\RYAN1$, computer: localhost.9/29/2007 8:51:59 PM Security threats have been detected. You are advised to perform a full scan as soon as possible.9/28/2007 6:29:28 PM Protection of your computer started.9/28/2007 6:31:25 PM File C:\DOCUME~1\RYANWE~1\LOCALS~1\Temp\UE.exe//PE_Patch.UPX//UPX: detected adware 'not-a-virus:AdWare.Win32.PurityScan.fk'. navigate here

Complete scanning result of "ddabb.dll", received in VirusTotal at 06.17.2007, 00:39:12 (CET). Here is whats detected:detected: Trojan program Trojan-Downloader.Win32.PurityScan.dx URL: //update2.outerinfo.com/!update-4395.0000//PE_Patch.PECompact//PecBundle//PECompact]http://update2.outerinfo.com/!update-4...ndle//PECompact[/url]detected: riskware not-a-virus:Downloader.Win32.WinFixer.l URL: //cdn.downloadcontrol.com/files/installers/cab/Install-Errorprotector-Free.cab/UERT_0001_D19M2109NetInstaller.exe]http://cdn.downloadcontrol.com/files/insta...etInstaller.exe[/url]detected: riskware not-a-virus:Downloader.Win32.WinFixer.l URL: //cdn.downloadcontrol.com/files/installers/Install-Errorprotector-Free.exe]http://cdn.downloadcontrol.com/files/insta...tector-Free.exe[/url]detected: adware not-a-virus:AdWare.Win32.PurityScan.fk URL: //www.outerinfo.com/OiUninstaller.exe//data0002//PE_Patch.UPX//UPX]http://www.outerinfo.com/OiUninstaller.exe..._Patch.UPX//UPX[/url]detected: adware not-a-virus:AdWare.Win32.PurityScan.bu URL: //www.outerinfo.com/OiUninstaller.exe//data0003]http://www.outerinfo.com/OiUninstaller.exe//data0003[/url]not found: adware not-a-virus:AdWare.Win32.PurityScan.bu File: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WSu.exenot found: Please post the contents of C:\vundofix.txt, a fresh HiJackThis log. Step 4: Delete all the files associated with Trojan-Downloader.Win32.PurityScan.eg from your computer.

Volume Serial Number is BCFB-2313 Directory of C:\WINDOWS\tasks 06/07/2007 11:16 PM 6 SA.DAT Directory of C:\WINDOWS\temp 06/07/2007 11:16 PM 409 WGANotify.settings 06/07/2007 11:16 PM 255 WGAErrLog.txt 06/05/2004 12:13 AM 16,384 Perflib_Perfdata_bd4.dat Method 1: Manually Remove the Trojan Horse by Following the Guide. C:\WINDOWS\system32\nqq.dllC:\WINDOWS\system32\ukqchusa.dllC:\WINDOWS\system32\kmqvvlpw.dllC:\WINDOWS\system32\diqhkknw.dllC:\WINDOWS\system32\abbgdien.dllC:\WINDOWS\system32\ddabb.dll C:\WINDOWS\system32\wtsicomsv32.exeC:\WINDOWS\system32\FNTS~1\dexplore.exeC:\DOCUME~1\Matthew\LOCALS~1\Temp\WinAntiVirusPro2007FreeInstall.exeC:\DOCUME~1\Matthew\LOCALS~1\Temp\YazzleBundle-1281.exeC:\DOCUME~1\Matthew\LOCALS~1\Temp\Tam01065.exeC:\DOCUME~1\Matthew\LOCALS~1\Temp\!update.exeC:\WINDOWS\retadpu1000106.exe You may want to make us know all about the results of the scans including name, MD5 and SHA1 by copy&paste.

I'm still missing this ---> Zitat von Runa At first please load down this version of HijackThis: HijackThis-selfinstall Please make me see the new HijackThis Logfile of HijackThis v1.99.1 (not Logfile bck Kaspersky Lab Forum > English User Forum > Virus-related issues ryioon 1.10.2007 07:44 I am having a similar issue with the above mentioned virus. Step 2: Launch Windows Task Manager by pressing CTRL + Shift + ESC keys simultaneously to or right-clicking on the taskbar and selecting the "Task Manager". Beginning removal...

Performing Repairs to the registry. More How to Remove rivertrail.kim Completely and Safely ¨C Removal Guide

How to Remove Trojan.Win32.Buzus.dzbq Quickly and Easily

How To Remove Trojan-Downloader.Win32.Zlob.dad - Quickly Remove Trojan-Downloader.Win32.Zlob.dad From Your Computer

Useful Tips to Remove Bin.Auto.BMN Thanks for the heads up. Everyone else please begin a New Topic Please make a donation so I can keep helping people just like you.Every little bit helps!

User: MSHOME\RYAN1$, computer: localhost.9/29/2007 8:44:20 PM Security threats have been detected. You are advised to neutralize them immediately.9/28/2007 6:07:48 PM File C:\WINDOWS\system32\iifdbya.dll: detected adware 'not-a-virus:AdWare.Win32.Virtumonde.jp'.9/28/2007 6:07:51 PM File C:\WINDOWS\system32\iifdbya.dll will be deleted on system restart.9/28/2007 6:08:05 PM Startup object HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifdbya\iifdbya: deleted.9/28/2007 Yes, that's what i want to see - nearly.... User: MSHOME\RYAN1$, computer: localhost.9/29/2007 8:53:45 PM Security threats have been detected.

Antivirus Version Update Result AhnLab-V3 2007.6.16.0 06.15.2007 Win-Trojan/Purityscan.72704.D AntiVir 7.4.0.32 06.16.2007 TR/Dldr.PurityScan.AF.12 Authentium 4.93.8 06.16.2007 W32/Downloader2.DBR Avast 4.7.997.0 06.16.2007 Win32:Purityscan-Q AVG 7.5.0.467 06.16.2007 Downloader.Generic4.IRF BitDefender 7.2 06.16.2007 no virus found CAT-QuickHeal This applies only to the original topic starter. User: RYAN1\Ryan Wells, computer: localhost.9/28/2007 6:31:25 PM Security threats have been detected. Join our site today to ask your question.

In this case, you need to find out other methods to deal with the Trojan horse. check over here Then, run the downloaded file and proceed to download the SpyHunter installer. Should I go ahead and try to delete them? Antivirus Version Update Result AhnLab-V3 2007.6.16.0 06.15.2007 no virus found AntiVir 7.4.0.32 06.16.2007 ADSPY/Virtumonde.KB Authentium 4.93.8 06.16.2007 W32/Backdoor.ARKO Avast 4.7.997.0 06.16.2007 no virus found AVG 7.5.0.467 06.16.2007 Adware Generic2.CME BitDefender 7.2

You are advised to neutralize them immediately.9/30/2007 9:42:59 AM File C:\Documents and Settings\Ryan Wells\Local Settings\Temporary Internet Files\Content.IE5\3WIIORJB\valera[1]: deleted.9/30/2007 9:43:02 AM Malicious HTTP object : detected Trojan program 'Trojan.Win32.Agent.bck'.9/30/2007 9:43:02 AM Malicious Also we need more information of some important folders, therefore follow the instructions: Please load down the filelist.zip to your desktop. (FAQ)Unzip this file to your desktop. (free Zip-Tools) Restart your Click the "Finish" button and you will see the home page of SpyHunter. his comment is here Step 3: Select the Start menu and open Control Panel.

You are advised to neutralize them immediately.9/29/2007 12:38:50 PM Update completed successfully9/29/2007 2:58:40 PM Update completed successfully9/29/2007 5:07:33 PM File C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1238\A0076436.exe: deleted.9/29/2007 5:18:58 PM Update completed successfully9/29/2007 5:28:58 PM It looks like these three files are bad news. You are advised to neutralize them immediately.9/29/2007 9:06:43 PM Malicious HTTP object : detected Trojan program 'Trojan.Win32.Agent.bck'.9/29/2007 9:06:43 PM Malicious HTTP object : access denied.9/29/2007 9:06:46 PM File C:\Documents and Settings\Ryan

Thank you for your help, Runo.

User: MSHOME\RYAN1$, computer: localhost.9/29/2007 8:44:18 PM File C:\DOCUME~1\RYANWE~1\LOCALS~1\TEMP\!UPDATE.EXE//PE_Patch.PECompact//PecBundle//PECompact: detected Trojan program 'Trojan-Downloader.Win32.PurityScan.dx'. You are advised to resume protection.9/29/2007 9:32:54 PM Protection of your computer started.9/29/2007 9:53:57 PM Update completed successfully9/29/2007 9:59:16 PM File C:\DOCUME~1\RYANWE~1\LOCALS~1\TEMP\!UPDATE.EXE//PE_Patch.PECompact//PecBundle//PECompact: detected Trojan program 'Trojan-Downloader.Win32.PurityScan.dx'. Trojan-Downloader.Win32.PurityScan.eg not only slips into computers secretly but also does great harm to it as soon as it has been installed. Antivirus Version Update Result AhnLab-V3 2007.6.16.0 06.15.2007 Win-Trojan/Klone.131604.K AntiVir 7.4.0.32 06.16.2007 TR/Dldr.ConHook.Gen Authentium 4.93.8 06.16.2007 no virus found Avast 4.7.997.0 06.16.2007 no virus found AVG 7.5.0.467 06.16.2007 Generic4.RMZ BitDefender 7.2 06.16.2007

and I hate Best Buy. Log in or Sign up Tech Support Guy Home Forums > Software & Hardware > All Other Software > Computer problem? Thank you! -- Complete scanning result of "nqq.dll", received in VirusTotal at 06.17.2007, 00:36:08 (CET). weblink again, i'm desperate.....your help is very much apppreciated... 30.05.2007,05:38 #3 Runa Ehrenmitglied Registriert seit 31.01.2006 Beiträge 1.171 AW: hijackthis logfile -- please help!

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. Attempting to delete C:\WINDOWS\system32\qremdqjt.dll C:\WINDOWS\system32\qremdqjt.dll Has been deleted! User: MSHOME\RYAN1$, computer: localhost.9/29/2007 5:33:47 PM Security threats have been detected. To use the tool follow the instructions below. * Please download Atribune's VundoFix.exe to your desktop. * Double-click VundoFix.exe to run it. * When VundoFix re-opens, click the Scan for Vundo

Advertisement Tech Support Guy Home Forums > Software & Hardware > All Other Software > Home Forums Forums Quick Links Search Forums Recent Posts Members Members Quick Links Notable Members Current User: MSHOME\RYAN1$, computer: localhost.9/28/2007 6:21:28 PM File c:\program files\insider\insider.exe: detected Trojan program 'Trojan.Win32.Agent.bnd'.9/28/2007 6:21:28 PM File c:\program files\insider\insider.exe: is still infected, postponed.9/28/2007 6:21:29 PM File c:\documents and settings\ryan wells\application data\microsoft\windows\rayiou.exe//UPX: detected All rights reserved. Done!

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged You are advised to resume protection.9/30/2007 10:15:32 PM Protection of your computer started.9/30/2007 10:16:31 PM Malicious HTTP object : detected Trojan program 'Trojan.Win32.Agent.bck'.9/30/2007 10:16:31 PM Malicious HTTP object : access denied.9/30/2007 Manually spyware removal guides Menu Home SiteMap dll-SiteMap exe-SiteMap How to Remove Trojan-Downloader.Win32.PurityScan.eg Quickly and Easily Removing a Trojan horse virus from your PC does not have to be a difficult o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

You are advised to neutralize them immediately.9/28/2007 9:06:02 PM File C:\Program Files\TTC.dll: is still infected, postponed.9/28/2007 10:10:32 PM File C:\Program Files\Insider\UnInstall.exe: detected Trojan program 'Trojan.Win32.Agent.bnd'.9/28/2007 10:10:32 PM File C:\Program Files\Insider\UnInstall.exe: is