
170+ viruses (I deleted most)


13 replies to this topic

#1 Juturnas

Juturnas

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 04 January 2009 - 11:39 PM

Hey everybody, I got a bunch of viruses on my computer that I don't use, so I decided to do a scan (finally) with Malwarebytes. Well, what do ya know? I get 170-something viruses and some couldn't be deleted, so I decided to come here and post my problem to see who could tackle it. Currently, the Malwarebytes log cannot open because of the viruses (I think) and only my internet browser can start. I didn't get a good look at the viruses that I have to delete, so sorry if I'm giving everybody a hard time with my lack of information. I'll appreciate any help I can get!! Thanks.
EDIT: I forgot to add that I didn't do the Malwarebytes scan in safe mode.

*If you want my log, I'll be more than happy to upload it (even though I don't know how)*

I am currently running..
Windows XP SP2

Programs I have downloaded
  • SUPERAntiSpyware
  • Malwarebytes (latest version)
  • StartUp Lite
  • ATF cleaner

Edited by Juturnas, 05 January 2009 - 11:34 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:17 AM

Posted 04 January 2009 - 11:48 PM

"I got a bunch of viruses on my computer that I don't use"

Well nobody really uses their viruses any more like the good ole days :thumbsup: Just kidding.

Yes please post that log.

Reboot then run ATF and Super from safe mode.

Edited by boopme, 04 January 2009 - 11:49 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 Juturnas


Posted 04 January 2009 - 11:55 PM

Hey boopme, thanks for the fast reply. Anyways, do you want me to upload it via an uploading site, or is there a button I didn't see :thumbsup: Oh, btw, nice joke (not being sarcastic), it made me laugh. It's meant to say that I don't use the computer.

#4 boopme


Posted 05 January 2009 - 12:02 AM

I know, that's why I kidded with ya.
Actually it's best to just copy/paste the logs into your next reply. I'll be back to look in the morning.

#5 Juturnas


Posted 05 January 2009 - 12:14 AM

Hey boopme, I can't open the log so I guess I'll try again tomorrow at around 5 or 6. Thanks for the reply.

#6 boopme


Posted 05 January 2009 - 12:00 PM

OK, that's fine.

#7 Juturnas


Posted 05 January 2009 - 11:15 PM

Hey boopme, I am on the infected computer right now and it is redirecting me from BC to some search website... and some virus has disabled my Firefox. Anyway, here are my logs for Malwarebytes (yesterday and today). Oh look, something has closed both of them <.< Oh, btw, I cannot delete the 3 viruses from the 1/5/2009 scan.

Here's yesterday's FULL SCAN

Malwarebytes' Anti-Malware 1.31
Database version: 1456
Windows 5.1.2600 Service Pack 2

1/4/2009 7:32:34 PM
mbam-log-2009-01-04 (19-32-19).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 137796
Time elapsed: 1 hour(s), 46 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 62
Registry Values Infected: 11
Registry Data Items Infected: 3
Folders Infected: 10
Files Infected: 53

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
D:\WINDOWS\system32\ssttu.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\iucsmams.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ssqnmlk.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\eoiyivve.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d903885-d32d-4823-a2c7-c6b197973148} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0d903885-d32d-4823-a2c7-c6b197973148} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79b3844b-6dac-4b78-b0b8-c99d8bbdcd50} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqnmlk (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{79b3844b-6dac-4b78-b0b8-c99d8bbdcd50} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iucsmams (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3740d55-abbd-499d-9c95-be8eb43b13f4} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e3740d55-abbd-499d-9c95-be8eb43b13f4} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79b3844b-6dac-4b78-b0b8-c99d8bbdcd50} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e3740d55-abbd-499d-9c95-be8eb43b13f4} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d903885-d32d-4823-a2c7-c6b197973148} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\bho.incredifindbho (Trojan.KeenValue) -> No action taken.
HKEY_CLASSES_ROOT\bho.incredifindbho.1 (Trojan.KeenValue) -> No action taken.
HKEY_CLASSES_ROOT\bidll.bidllobj.1 (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\vx2.vx2obj (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8b8f6968-2f24-41e3-b653-e9613226f14d} (Trojan.KeenValue) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{837b45d6-bf85-457d-aabf-6d2e7815f791} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{837b45d6-bf85-457d-aabf-6d2e7815f791} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{000006b1-19b5-414a-849f-2a3c64ae6939} (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5d60ff48-95be-4956-b4c6-6bb168a70310} (Trojan.KeenValue) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{de289bfa-737b-4abb-a4ec-f8753551b875} (Trojan.KeenValue) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{000006b1-19b5-414a-849f-2a3c64ae6939} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5d60ff48-95be-4956-b4c6-6bb168a70310} (Trojan.KeenValue) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8c54fa4e-30e6-48d3-ba54-480a5753d224} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8c54fa4e-30e6-48d3-ba54-480a5753d224} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wincnw32 (Dialer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Web Rebates (Adware.WebRebates) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MsSC2 (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareAlarm (Rogue.Malware.Alarm) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MalwareAlarm (Rogue.Malware.Alarm) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DomainService (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xpdx (Rootkit.Rustock) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\14112093 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{79b3844b-6dac-4b78-b0b8-c99d8bbdcd50} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lijkxqjk (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mpstsvav (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update loader (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CTDrive (Trojan.Dialer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\ssttu.dll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\ssttu.dll -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
D:\Program Files\dynamic toolbar (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2 (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache (Adware.2020search) -> No action taken.
D:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> No action taken.
D:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
D:\Program Files\SecCenter (Trojan.Downloader) -> No action taken.

Files Infected:
D:\WINDOWS\system32\eoiyivve.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ssqnmlk.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\iucsmams.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\iucsmams.dllbox (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ssttu.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\uttss.bak1 (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\uttss.bak2 (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\uttss.ini (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\uttss.ini2 (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ddaby.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ybadd.bak1 (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ybadd.ini (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\qhadlxcd.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\dcxldahq.ini (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\seonorof.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\foronoes.ini (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\vhnlstkr.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\rktslnhv.ini (Trojan.Vundo.H) -> No action taken.
D:\Program Files\gdwbcjmr\wtubmjaf.dll (Trojan.Zlob) -> No action taken.
D:\WINDOWS\system32\hggdcda.dll (Trojan.Vundo) -> No action taken.
D:\Program Files\install.exe (Virus.Virut) -> No action taken.
D:\System Volume Information\_restore{928B1E1A-E41B-4F05-BABC-9D6C2253697C}\RP478\A0235200.exe (Virus.Virut) -> No action taken.
D:\System Volume Information\_restore{928B1E1A-E41B-4F05-BABC-9D6C2253697C}\RP479\A0239278.exe (Virus.Virut) -> No action taken.
D:\WINDOWS\system32\bsccangp.dll (Trojan.Vundo.H) -> No action taken.
D:\WINDOWS\system32\ljjiiji.dll (Trojan.Obfuscated) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\2020SEARCH2TB0200.cfg (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\ErrorLog.txt (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\highlight.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\home.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\logo.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\pop_on.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\search.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\spamarrest.bmp (Adware.2020search) -> No action taken.
D:\Program Files\dynamic toolbar\2020SEARCH2\Cache\tools.bmp (Adware.2020search) -> No action taken.
D:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> No action taken.
D:\Program Files\MyWebSearch\bar\History\search (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings\settings.htm (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings\settings.htm.bak (Adware.MyWebSearch) -> No action taken.
D:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
D:\Program Files\SecCenter\scprot4.exe (Trojan.Downloader) -> No action taken.
D:\WINDOWS\system32\wincnw32.dll (Dialer) -> No action taken.
D:\Documents and Settings\All Users\Application Data\mpstsvav.dll (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\iexplore.exe (Backdoor.Bot) -> No action taken.
D:\WINDOWS\system32\lssas.exe (Backdoor.Bot) -> No action taken.
D:\WINDOWS\system32\drvsul.dll (Trojan.Dialer) -> No action taken.
D:\WINDOWS\system32\Isass.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
D:\WINDOWS\system32\pmnoljg.dll (Trojan.Vundo) -> No action taken.
D:\WINDOWS\system32\algs.exe (Backdoor.Bot) -> No action taken.
D:\Documents and Settings\All Users\Start Menu\Online Security Guide.lnk (Rogue.Link) -> No action taken.
D:\WINDOWS\system32\winamp.exe (Backdoor.Bot) -> No action taken.

And here's today's QUICK SCAN

Malwarebytes' Anti-Malware 1.31
Database version: 1456
Windows 5.1.2600 Service Pack 2

1/5/2009 8:02:45 PM
mbam-log-2009-01-05 (20-02-32).txt

Scan type: Quick Scan
Objects scanned: 53427
Time elapsed: 22 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
D:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> No action taken.

Files Infected:
D:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> No action taken.



Thanks, I really appreciate the help you're giving me, boopme.

Edited by Juturnas, 05 January 2009 - 11:16 PM.


#8 boopme


Posted 05 January 2009 - 11:42 PM

I think we will clear those other issues as we go along. WE NEED to update MBAM and scan again; this is an old database.

Open MBAM (from Normal mode) and click the Update tab, select Check for Updates. When done,
click the Scanner tab, select Quick scan and scan.
After the scan, click Remove Selected, post the new scan log and reboot.

EDIT: Be sure you've done this step also
Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.

Edited by boopme, 05 January 2009 - 11:45 PM.


#9 Juturnas


Posted 06 January 2009 - 12:34 AM

Hey boopme, I did like you said and sure enough, Malwarebytes came up with 5 new viruses. My infected computer is crazy slow (I took like 256 MB of RAM out of the 512) so I will post the log tomorrow, or if you need a new log, please let me know. Thanks and happy late New Year's!

#10 boopme


Posted 06 January 2009 - 12:40 AM

Yes, the new log is good. A happy and prosperous year to you also.

#11 Juturnas


Posted 07 January 2009 - 12:02 AM

hey boopme, my infected computer isn't working right now. It's not opening anything. So I will try again tomorrow at around 5-6 pm. Thanks for the help.

#12 boopme


Posted 07 January 2009 - 09:48 PM

Any luck my friend? Do you have the original install CD?

#13 Juturnas


Posted 09 January 2009 - 12:23 AM

hey boopme, so far, no luck. I haven't had time to hook up my infected computer to my monitor and setup. I just have to find some time to do it, and this weekend I won't have any time. I actually don't have the install CD for Windows. I appreciate all the help and I hope I can start again by Sunday. Again, thanks.

#14 boopme


Posted 09 January 2009 - 12:29 AM

Ok man, just let me know. I'll keep a look out for ya.



