1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

TrojanDownloader:JS Nemucod.P

Discussion in 'Virus & Other Malware Removal' started by nicebooks2, May 14, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. nicebooks2

    nicebooks2 Thread Starter

    Joined:
    Dec 28, 2008
    Messages:
    21
    Perhaps I'm just paranoid, but my taskbar (Solve PC issues) has alerted me to a detected threat

    TrojanDownloader:JS Nemucod.P

    It wants me to click to "Clean infection" but I don't trust it.


    I've "un-hidden" files and I have run Superantispyware and Malwarebytes and both come up with clean scans (on first run Malwarebytes removed a lot of ConduitTP files). The warnings still come up on the microsoft icon on task bar. Any advice?

    Susan


    Below is my SysInfo and the last Malwarebytes log

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: AMD FX(tm)-6100 Six-Core Processor, AMD64 Family 21 Model 1 Stepping 2
    Processor Count: 6
    RAM: 12031 Mb
    Graphics Card: ATI Radeon 3000 Graphics, 256 Mb
    Hard Drives: C: Total - 1907627 MB, Free - 1526456 MB;
    Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD, 760GM-E51(MS-7596)
    Antivirus: Norton Internet Security, Disabled

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 5/14/2015
    Scan Time: 1:43:47 PM
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.14.04
    Rootkit Database: v2015.04.21.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: candee

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 351973
    Time Elapsed: 13 min, 7 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
     
  2. nicebooks2

    nicebooks2 Thread Starter

    Joined:
    Dec 28, 2008
    Messages:
    21
    :confused: Still worried about potential threat described below (no responses). Today a hidden file Desktop.ini appeared on my desktop. Wondering if this is a problem or not. Thanks for any advice.

    Desktop.ini contents:

    [.ShellClassInfo]
    [email protected]%SystemRoot%\system32\shell32.dll,-21769
    IconResource=%SystemRoot%\system32\imageres.dll,-183



     
  3. nicebooks2

    nicebooks2 Thread Starter

    Joined:
    Dec 28, 2008
    Messages:
    21
    PLEASE advise. I know you folks are busy, but I'm still getting alerts from Windows on every boot up that potential threat identified
    TrojanDownloader:JS Nemucod.P

    It wants me to click to "Clean infection" but I don't know if I can trust the window or the link. Common sense says "don't!"


    Superantispyware and malwarebytes scans continue to be clean, but I'm afraid to access many of my more sensitive sites (e.g. banking/credit).
     
  4. nicebooks2

    nicebooks2 Thread Starter

    Joined:
    Dec 28, 2008
    Messages:
    21
    Now there are yellow and blue shields appearing on more and more programs - Malwarebytes, Zone Alarm, User Accounts/Parental Control, ATF Cleaner, Device Manager and Allow Access in Control Panel.

    I fear I'm on the verge of losing control entirely. PLEASE ADVISE!!:eek:
     
  5. nicebooks2

    nicebooks2 Thread Starter

    Joined:
    Dec 28, 2008
    Messages:
    21
    I've muddled thru on my own and seem to have cleaned it out with adwareCleaner, Minitoolbox , JRT and a Microsoft malware program.
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1148240

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice