
Move Networks Media Player Malware Question

Discussion in 'Virus & Other Malware Removal' started by dood1emom, Sep 5, 2009.

Thread Status:
Not open for further replies.
  1. dood1emom

    dood1emom Thread Starter

    Joined:
    Jul 7, 2009
    Messages:
    6
    Hi, Like many others I've been hit badly by the recent wave of nasty trojans et al very recently. AVG Free (primary antivirus) disabled, installed but now SAS is disabled, MalwareBytes installed but disabled, already had HJT installed but it's been killed too ... will come back for more specific help when I am ready to move on --

    But here's a question: checking the Add/Remove Program lists shows something called Move Networks Media Player (everything else looks kosher) - is it legit or something along the lines of the Viewpoint Player foistware?

    thank you
     
  2. dood1emom

    dood1emom Thread Starter

    Joined:
    Jul 7, 2009
    Messages:
    6
    Hi, got hit while on the web the other day. AVG squawked, but was disabled just after I ran scan. Virus Vault inaccessible, but was able to find a list of initial infections called Trojan horse Small.AU, Win32Heur, Agent2.QLS, SHeur2.BAYE,BAYZ,BAYL,BAXZ,BAXZ, Pakes.EAM
    Some infected files were:
    pvewnn.exe
    qbuf.exe
    tujfbtrj.exe
    osps.exe
    enurmyv.exe
    emxtqjit.exe

    Have a listing I can post if needed. I also noticed immediately upon hit that a hpbyv and an xhue were on my c:. Still have weird "155480941" that was generated at time of attack in c:. Also have strange settings.dat 0 byte file on desktop that seems to be generated after running some things.

    Also found at some point were a thru e.exe's and a mbam.exe.

    I need to get the system up and running for hubby to job hunt, kids to do homework. This is what we've done and a HJT log. Sorry if post too long, but thought info would help.

    Ran CCleaner, was able to eventually run SuperAntiSpyware, Combofix, never got Malwarebytes to run, ran RootReveal and MGtools. Think I have logs to get to you if needed. System better, no longer getting missing dlls at bootup, but I know it's not clean. Bootex's were being dumped to removable drives - that seems cleaned up, but whenever I access the HP_Administrator Docs & Settings area I get "Feature unavailable while... need to connect online" (System has been pulled from DSL) so I know something is still trying to access things, and as noted above I seem to be getting strange files generated. Windows Update was turned off by virus, seems to be accessible now.

    Anyways, here's the HJT Log. Thanks for any help
     


Short URL to this thread: https://techguy.org/858542