I just joined after reading all night through your helpful solutions you have provided many, many other folks. I just hope you can walk me through this before the computer just stops functioning.
I have Windows Vista, and first noticed being redirected to other sites when doing an internet search. Then, it's progressed to the lovely black "Warning!" screen....Now, I am panicked. I am not able to update Malwarebytes, or Windows Defender for some reason. But, my Kapersky scan tonight indicated three trojans:
Trojan.Win32.Monder.cgym
Trojan.Win32.Monderb.asqi
Trojan-Downloader.WMA.GetCodec.u
Below is the latest Malwarebytes scan log and the Kapersky results. Whatever you might be able to do would be great. THANK YOU!
Kapersky:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Thursday, June 18, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Wednesday, June 17, 2009 23:26:31
Records in database: 2358581
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Files scanned: 117454
Threat name: 7
Infected objects: 58
Suspicious objects: 0
Duration of the scan: 01:09:33
File name / Threat name / Threats count
C:\Users\terrellisaiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E386M0HQ\form[1] Infected: Trojan.Win32.Monder.cgym 1
C:\Users\terrellisaiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OMP8KEZ3\form[1] Infected: Trojan.Win32.Monder.cgym 1
C:\Users\terrellisaiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OMP8KEZ3\form[2] Infected: Trojan.Win32.Monder.cgym 1
C:\Users\terrellisaiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UI8YNBAP\form[1] Infected: Trojan.Win32.Monder.cgym 1
C:\Users\terrellisaiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UI8YNBAP\form[2] Infected: Trojan.Win32.Monder.cgym 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000dee9 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000e501 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000e619 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000e973 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000ecae Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000ed1b Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0000fe1c Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0001005d Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0001031b Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00013745 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00014b51 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00016354 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp000183a0 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0001c82e Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0001f42d Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0001f4aa Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00032589 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00080260 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp000979a1 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp000a39d4 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp000cc38c Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp000cfa17 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0021621c Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp002e73e8 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00414b62 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0045a94a Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0047078f Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp005191c5 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp00971834 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp01330321 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp01aa2dad Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp04f8f14a Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp05944b2f Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\tmp0aab44c4 Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\AppData\Local\Temp\vtULcYop.dll Infected: Trojan.Win32.Monderb.asqi 1
C:\Users\terrellisaiah\Desktop\Incomplete\Preview-T-5109030-saving private ryan captain [club mix].mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Incomplete\Preview-T-5872441-saving private ryan captain extended version.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Incomplete\Preview-T-5872441-saving private ryan on lcv original studio version.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Incomplete\Preview-T-5905209-dog green sector omaha beach.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Incomplete\T-3545425-fordigner.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\terrellisaiah\Desktop\Incomplete\T-3545425-los angelos.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\terrellisaiah\Desktop\Incomplete\T-5109030-saving private ryan captain [club mix].mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Incomplete\T-5745425-abc muder [unreleased rare track].mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\terrellisaiah\Desktop\Incomplete\T-5872441-saving private ryan captain extended version.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\airbourne plane sound effects (unreleased live record).mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\laser sounds.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\mos eisley cantina song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\saving private ryan omaha tom original studio version.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\saving private ryan on lcv original studio version.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\soul town.mpg Infected: Trojan-Downloader.WMA.GetCodec.x 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\sound effects.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\terrellisaiah\Desktop\Limewire Stuff\starwars cantina song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\ybnmhokr.exe Infected: Trojan-Downloader.Win32.FraudLoad.wblj 1
The selected area was scanned.
MALWAREBYTES:
Malwarebytes' Anti-Malware 1.37
Database version: 2265
Windows 6.0.6001 Service Pack 1
17/6/2009 9:24:58 Efifie
mbam-log-2009-06-17 (21-24-58).txt
Scan type: Full Scan (C:\|)
Objects scanned: 217200
Time elapsed: 31 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\31OXMIPE\nkyyzfs[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\31OXMIPE\syymmdrivw[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\31OXMIPE\xuhuvzder[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\E386M0HQ\eoopz[1].htm (Trojan.Winwebsec) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\E386M0HQ\ibcpduuv[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\OMP8KEZ3\nkyyzfs[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\Users\terrellisaiah\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\OMP8KEZ3\pzzmne[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.