Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

win32/dynamer!dtc

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: win32/dynamer!dtc

Unread postby chi_man » November 15th, 2010, 6:13 pm

How can I update malwarebytes, when i try to update it says there is no internet connection or malwarebyte is blocked by firewall? I allowed malwarebyte.exe at zonealarm but it still doesn't work.

I'll probably do ESET scan tomorrow since it take some time to scan.
chi_man
Regular Member
 
Posts: 34
Joined: October 30th, 2006, 1:33 pm
Advertisement
Register to Remove

Re: win32/dynamer!dtc

Unread postby deltalima » November 15th, 2010, 6:17 pm

Hi chi_man,

How can I update malwarebytes, when i try to update it says there is no internet connection or malwarebyte is blocked by firewall?


mbam-rules.exe

Download the latest Malwarebytes offline database from Here
Then just double-click on mbam-rules.exe to install them.
Alternatively, you can update the MBAM's interface from a clean computer, then copy the definitions (rules.ref) located in C: > Documents and Settings > All Users > Application Data > Malwarebytes > Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: win32/dynamer!dtc

Unread postby chi_man » November 15th, 2010, 6:24 pm

after installing mbam-rules malwarebytes won't even start. It gives me the error code 730 (0, 0)
chi_man
Regular Member
 
Posts: 34
Joined: October 30th, 2006, 1:33 pm

Re: win32/dynamer!dtc

Unread postby deltalima » November 15th, 2010, 6:29 pm

That error is
Error 730: Unable to load the database. Please reinstall the application.


Please uninstall Mawarebytes, reboot and then download and install the latest version.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: win32/dynamer!dtc

Unread postby chi_man » November 16th, 2010, 9:21 am

I've done the scans. A question, it seems that malwarebytes is a better scanner than spybot S&D. If I keep using malwarebytes in the future, is there a need to use spybot S&D (since I've removed spybot S&D now) or do you recommend using both of them?

Here are the logs:
ESET:
E:\Program Files\Hide Files and Folders\hide.files.and.folders.v2.7-patch.exe a variant of Win32/HackTool.Patcher.A application
G:\Files\sibelius3.rar probably a variant of Win32/Agent.FDPFUWD trojan
G:\Files\Hide.Files.and.Folders.v2.7.WinALL-CHiCNCREAM\cnchol8a.zip a variant of Win32/HackTool.Patcher.A application
G:\Files\Nero-7.8.5.0 eng\Nero-7.8.5.0 eng.exe Win32/Toolbar.AskSBar application
G:\Setups\Adobe_Illustrator_CS3.zip probably a variant of Win32/Agent.QFUDPV trojan

Malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5127

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16-11-2010 14:20:48
mbam-log-2010-11-16 (14-20-48).txt

Scan type: Quick scan
Objects scanned: 157411
Time elapsed: 4 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{964bf54a-a147-4b3f-9540-6c40cc6b9d8c} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RESSDT (Spyware.OnlineGames.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> No action taken.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
chi_man
Regular Member
 
Posts: 34
Joined: October 30th, 2006, 1:33 pm

Re: win32/dynamer!dtc

Unread postby deltalima » November 16th, 2010, 9:31 am

Hi chi_man,

it seems that malwarebytes is a better scanner than spybot S&D. If I keep using malwarebytes in the future, is there a need to use spybot S&D


I would recommend that you keep Malwarebytes and not reinstall SpyBot.

Please delete the following files.

E:\Program Files\Hide Files and Folders\hide.files.and.folders.v2.7-patch.exe
G:\Files\sibelius3.rar
G:\Files\Hide.Files.and.Folders.v2.7.WinALL-CHiCNCREAM\cnchol8a.zip
G:\Files\Nero-7.8.5.0 eng\Nero-7.8.5.0 eng.exe
G:\Setups\Adobe_Illustrator_CS3.zip

Now please run another scan with Malwarebytes and remove any infections found then post the log in your next reply.

Please let me know if the warnings for win32/dynamer!dtc have now stopped and how the computer is running.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: win32/dynamer!dtc

Unread postby chi_man » November 16th, 2010, 9:57 am

The warnings for win32/dynamer!dtc have stopped a while ago when I ran a full scan with microsoft security essential and rebooted my pc.

The computer is running normal apart from the slow startup (in the past it took 10-15 sec for everything to load and I could use it. Now it takes almost a minute for everything to load.) and internet ALWAYS freezes for about 10-15 seconds for the first minute. After that is runs smoothly.

Removed the files and here's the log for malwarebyes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5127

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16-11-2010 14:39:57
mbam-log-2010-11-16 (14-39-57).txt

Scan type: Quick scan
Objects scanned: 157411
Time elapsed: 4 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{964bf54a-a147-4b3f-9540-6c40cc6b9d8c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RESSDT (Spyware.OnlineGames.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
chi_man
Regular Member
 
Posts: 34
Joined: October 30th, 2006, 1:33 pm

Re: win32/dynamer!dtc

Unread postby deltalima » November 16th, 2010, 10:00 am

Hi chi_man,

Now that you are clean, please follow these steps in order to keep your computer clean and secure.

Remove GMER

Delete the GMER icon from your desktop.

Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.


Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >>System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
  • Now remove old, infected System Restore points:
  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm

Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.


Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety


Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: win32/dynamer!dtc

Unread postby chi_man » November 16th, 2010, 10:29 am

Thanks, I've done the steps you've posted.
chi_man
Regular Member
 
Posts: 34
Joined: October 30th, 2006, 1:33 pm

Re: win32/dynamer!dtc

Unread postby deltalima » November 16th, 2010, 10:30 am

You're welcome!

Glad we could help.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: win32/dynamer!dtc

Unread postby Gary R » November 16th, 2010, 10:49 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 402 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware