Need to get rid of the Malware again (Outerinfo, Internet speed monitor, etc)

green tea:
I have no clue where my XP cd is at this time. It's been a good couple of years since I've seen it.

And my cd drive/dvd drive have not been working for a while as well. Only way I can get stuff into my pc is d/l through the internet or via usb.

I know doing system restore is dangerous since all the viruses would still be there, but would it bring this application back?

green tea:
Only found the 4-disc Recovery CD that came with my machine. I think XP was already pre-installed on the computer when we got it.

Is there another way I can get the correct version? Would it be possible for you to post a d/l link for it and then I d/l and add it to the System folders?

evilfantasy:

--- Quote ---Is there another way I can get the correct version? Would it be possible for you to post a d/l link for it and then I d/l and add it to the System folders?
--- End quote ---

That's illegal.

Try to find the install disk, or use the recovery CDs and reinstall. Stop downloading torrents. I can't do much good if you are just going to keep making the same mistakes over and over.

green tea:
I honestly didn't think torrents could be dangerous if I got them from reliable sites. I've been using them for many years and it's only this year that the problems happened. I know, it's really stupid..

Would you still be able to help one more time (Hopefully)?? Can I use the recovery cd and replace that one system file, or does using the Recovery cd mean everything I have gets wiped out?
..

I went into the system32 folder to see if the Rundll32.exe was in there.. it is but the icon is a blank sheet of paper. The other exe all look like windows.

green tea:
Update:

Still not having any luck when I double click a program.. the "Open with" window still pops up. But I decided to test it, and did "Browse" and was able to open up the programs by going to Program file folder, and double clicking on the "exe" files from there.

I could open up SAS again, but cannot access the logs. I was able to run MBAM though, and here is the log. I can only paste it, because when I try to do Save As, Notepad crashes.


...................

Malwarebytes' Anti-Malware 1.11
Database version: 660

Scan type: Full Scan (C:\|)
Objects scanned: 112995
Time elapsed: 50 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 21
Registry Values Infected: 6
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 54

