I ran my Avast tonight and it said that I had 3 win32 Trojan.gen

It asked me what to do and I picked to quarantine it. I also noticed that whenever I tried to search something in yahoo it wouldn’t allow me to search but instead would always take me to this other website.

After I quarantined it with avast, I restarted the computer and ran the scan again and it came up with nothing. However the search engine problem still existed.

I downloaded Spybot and ran that but it came up with no problems.

I looked on here and saw some people recommended SuperAntiSpyware so I downloaded it.

This is where it gets even worse. I ran the scan and it came up with a Trojan Virus. Again I quarantined it and restarted my computer as prompted.

When I ran the scan again this time it gave me 5 Trojan Viruses but 3 of them had different names and were Trojan.unknown Avast still has not turned anything up after the first time. Once I quarantined these 5 and restarted my problem then I got an even bigger problem.

Now my internet will not load up at all. When I run the scan it says I have no viruses for any of the 3 scans. I am able to get on here on my other computer. I don’t know if the computer is still running in safe mode even though I picked to start in normally or what is going on.

Please help me, I have no idea what to do.

Here are the actual names of the viruses I’ve found.

Avast Search : jopaxx_1237410615.exe Virus Type is win32:Trojan-gen Location:C:\Users\ddkay27\AppData\Local\Temp

trz3C1E.tmp Virus Type: same as above Location: C:\Program Files\websrvx

websrvx.exe Virus Type: same as above Location: c:\program files/websrvx

SuperAntiSpyware Quarantined Items Trojan.Dropper/Win-NV Location : HKLM\Software\Microsoft\Windows\CurrentVersion\Run(sysldtray - c:\windows\d02.exe)

2nd search for superantispyware

Trojan.Dropper/Win-NV Location: C:\WINDOWS\LD02.EXE
Same Name Location : C:\Windows\Prefetch\LD02.EXE-719BAB84.pf

Trojan.Unknown Origin Location: C:\WINDOWS\SYSTEM32\DLL32.DLL
same name Same Location
Number 3: Same Name Location: HKUS\S-1-5-21-1235594767-156515733-2245494932-1000\Software\Microsoft\Windows\CurrentVersion\Run (dll-rundll32 dll32,sm)

Please help me thanks.

Welcome to the forum.

Try downloading MBAM with your other computer to a flash drive. http://www.malwarebytes.org/mbam.php
Transfer the file to the sick computer, and run it to install the program.
(If unable to install or run it, post back.)
Once installed, try to update it.
(If unable, install it also to the good computer, update it on that computer, and post back for how to transfer the updated database.)
Run a full scan. Quarantine anything found. If prompted for a restart to remove some files, do so promptly.

MBAM is another very good antimalware scanner also recommended by many.
From what I read, this malware is fairly new. If MBAM doesn’t fully get rid of it, there will be some more involved steps to perform, that the more skilled malware fighters here can guide you through.

If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:

1. Clean your temporary files. You can use CleanUp or CCleaner for that.

2. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (repeatedly press F8 while booting).
   If avast does not detect it, you can try DrWeb CureIT! instead.

3. It will be good if you download, install, update and run SUPERantispyware, MBAM or SpywareTerminator.
   If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
   About legit antispyware applications or the bad ones see here.

4. If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster for XP/Vista. For XP only: Panda.

5. Also, if you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.

6. After you’re clean, disable System Restore on Windows ME, XP or Vista. System Restore is not available in Windows 9x and 2k. After disabling you can enable it again.

7. Use the immunization of SpywareBlaster.

8. Finally, when you’re clean, check for insecure applications with Secunia Software Inspector to update insecure applications and avoid reinfection.

Thank you guys for the help. Its seems that the problem is fixed now. Not getting any virus on any of the scans and the internet is back to working. I have Vista and I’m not sure about the system restore. Do I need to clear this off?

If you’re clean, let it running.
But, if you disable, enable again, and then create a clean restore point, you will delete all old restore points and infected ones (if any).