Author Topic: Terrible virus (Read 27679 times)

matter92 · « **Reply #16 on:** May 12, 2008, 08:10:44 PM »

nevermind... I give up

Broni · « **Reply #17 on:** May 12, 2008, 08:13:27 PM »

Why would you give up. You're doing fine.
Just follow my instructions, and post two other logs.

matter92 · « **Reply #18 on:** May 12, 2008, 08:14:06 PM »

How do I get the logs from the otehr two programs?

matter92 · « **Reply #19 on:** May 12, 2008, 08:20:15 PM »

ok, I'm gonna start over again, maybe that'll do it.

Broni · « **Reply #20 on:** May 12, 2008, 08:24:07 PM »

Re-read my instructions. You don't have to run Superantispyware, because I saw the log.
If you DID run Malwarebytes:

Quote

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Post it.

Then, run HijackThis, and post its log.

matter92 · « **Reply #21 on:** May 12, 2008, 08:25:25 PM »

when I go to username, there is no antimalwarebytes folder.

Broni · « **Reply #22 on:** May 12, 2008, 08:27:18 PM »

Username is some your name.
For instance, on my computer, it says C:\Documents and Settings\Broni....

matter92 · « **Reply #23 on:** May 12, 2008, 08:32:32 PM »

yeah, I know, but the malware folder isn't there, it's alright, I'm gonna go through it all over again tonight.

Broni · « **Reply #24 on:** May 12, 2008, 08:33:36 PM »

Did you try C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt?

matter92 · « **Reply #25 on:** May 12, 2008, 08:36:24 PM »

No, but it's O.K., I'm patient enough to go through it all again. Thanks though.

Broni · « **Reply #26 on:** May 12, 2008, 08:39:25 PM »

No problem

matter92 · « **Reply #27 on:** May 13, 2008, 01:00:15 PM »

Heres SUPERAntiSpyware Log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/13/2008 at 00:35 AM

Application Version : 4.0.1154

Core Rules Database Version : 3458
Trace Rules Database Version: 1449

Scan type : Complete Scan
Total Scan Time : 01:59:53

Memory items scanned : 229
Memory threats detected : 1
Registry items scanned : 5046
Registry threats detected : 0
File items scanned : 72447
File threats detected : 1

Adware.Vundo Variant/Resident
C:\WINDOWS\SYSTEM32\MLJBCBCU.DLL
C:\WINDOWS\SYSTEM32\MLJBCBCU.DLL

matter92 · « **Reply #28 on:** May 13, 2008, 01:01:28 PM »

Heres Malwarebytes Log:
Malwarebytes' Anti-Malware 1.12
Database version: 740

Scan type: Full Scan (C:\|)
Objects scanned: 152739
Time elapsed: 34 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 27
Registry Values Infected: 6
Registry Data Items Infected: 2
Folders Infected: 26
Files Infected: 173

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\mlJbcbCU.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\byXNDVNf.dll (Trojan.Vundo) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e22bb27-fbf6-4153-bf34-0d2281db2ad5} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9e22bb27-fbf6-4153-bf34-0d2281db2ad5} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\Software\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.AntiMalwareGuard) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{88ebbe0b-5ff8-4b84-b043-71a216374a5b} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88ebbe0b-5ff8-4b84-b043-71a216374a5b} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxndvnf (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{95e554e1-04f3-4d9b-a4e9-881dc420882b} (Trojan.Fakealert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5269d0c0-572b-445a-88ac-8c8843b6d42b} (Trojan.Fakealert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{69c1ef64-a396-4490-8849-52af7f7ec6e5} (Trojan.Fakealert) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f5f40e25-cf4d-434e-a6ae-ed625ae87cab} (Trojan.Fakealert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp codec pack (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\Software\RegistrySmart (Rogue.RegistrySmart) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\pvnsmfor.btqr (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\pvnsmfor.toolbar.1 (Trojan.FakeAlert) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f43e57be (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{88ebbe0b-5ff8-4b84-b043-71a216374a5b} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\RegistrySmart\ (Rogue.RegistrySmart) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\Source (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\mpfanvqg (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\vbksrofa (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljbcbcu -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljbcbcu -> No action taken.

Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\p2pnetworks (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\acespy (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\PerfInfo (Rogue.WinPerformance) -> No action taken.
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMonitor (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMonitor\Data (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adsl Software Limited (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adsl Software Limited\MalWarrior 2008 (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adsl Software Limited\MalWarrior 2008\LOG (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> No action taken.

Files Infected:
C:\WINDOWS\system32\mlJbcbCU.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\UCbcbJlm.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\UCbcbJlm.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ygefentc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ctnefegy.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> No action taken.
C:\WINDOWS\system32\byXNDVNf.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\2P2ZQ5OL\CADGYL13 (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\2P2ZQ5OL\CAF6GVVD (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Local Settings\Temporary Internet Files\Content.IE5\4T0X87A5\CA3I2D3J (Trojan.Vundo) -> No action taken.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3BROVLY.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWeb.FunWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\XP Codec Pack\Uninstall.exe (Trojan.Vundo) -> No action taken.

matter92 · « **Reply #29 on:** May 13, 2008, 01:01:41 PM »

C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040197.scr (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040198.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040199.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040206.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040207.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040208.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040209.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040210.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040211.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040212.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040213.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040214.SCR (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040215.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040216.DLL (Adware.MyWeb.FunWeb) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040217.EXE (Adware.MyWeb.FunWeb) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040218.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040219.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040220.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040222.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040223.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040224.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040225.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040227.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040228.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040229.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040230.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040231.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040232.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040233.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040234.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040235.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP333\A0040236.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP344\A0040348.exe (Adware.MyWeb.FunWeb) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP351\A0043238.dll (Rogue.Multiple) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP351\A0043239.dll (Rogue.Multiple) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP351\A0043240.dll (Rogue.Multiple) -> No action taken.
C:\System Volume Information\_restore{5813C16A-554F-41EE-A295-A15F7F92ECC5}\RP351\A0043241.exe (Rogue.MalwareAlarm) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP101\A0014055.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP103\A0016145.exe (Rogue.Installer) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP103\A0016148.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP105\A0016251.rbf (Rogue.RegistrySmart) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP105\A0016252.rbf (Rogue.RegistrySmart) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP105\A0016285.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP106\A0016337.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP106\A0017337.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP106\A0017351.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP106\A0017362.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP106\A0017363.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP62\A0007848.exe (Adware.BHO) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP62\A0007849.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP62\A0007851.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP97\A0013850.exe (Rogue.Installer) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP97\A0013856.exe (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP99\A0013931.exe (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP99\A0013971.rbf (Rogue.RegistrySmart) -> No action taken.
C:\System Volume Information\_restore{6CDDEF72-D42F-4EC1-BD63-649AE3E24395}\RP99\A0013972.rbf (Rogue.RegistrySmart) -> No action taken.
C:\WINDOWS\system32\yaywtQHb.dll (Trojan.Vundo) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\00024C8F (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\000814C9 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\6B94A5D2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\6B94B265.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\6B94B340.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\6B94C689.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\6B94CE78 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\7A980A16.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\7A981DDC.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\7A982ACD.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\7A982D3E.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\p2pnetworks\amp2pl.exe (Fake.Dropped.Malware) -> No action taken.
C:\Program Files\RegistrySmart\Setup(2).exe (Rogue.RegistrySmart) -> No action taken.
C:\Program Files\RegistrySmart\Setup.exe (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adsl Software Limited\MalWarrior 2008\LOG\20080511162648859.log (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 02_04_48 PM_609.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 04_31_27 PM_078.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 06_17_20 PM_921.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 06_23_49 PM_375.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 06_31_41 PM_234.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 08_03_56 PM_015.log (Rogue.RegistrySmart) -> No action taken.
C:\Documents and Settings\Matt.MATTSCOMPUTER\Application Data\RegistrySmart\Log\2008 May 11 - 09_20_07 PM_562.log (Rogue.RegistrySmart) -> No action taken.
C:\WINDOWS\rs.txt (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kathy\Desktop\Help and Support Center.lnk (Rogue.Link) -> No action taken.

Computer Hope Forum

News:

Author Topic: Terrible virus (Read 27679 times)

Broni

Re: Terrible virus

matter92

Re: Terrible virus

Broni

Re: Terrible virus

matter92

Re: Terrible virus

matter92

Re: Terrible virus

Broni

Re: Terrible virus

matter92

Re: Terrible virus

Broni

Re: Terrible virus

matter92

Re: Terrible virus

Broni

Re: Terrible virus

matter92

Re: Terrible virus

Broni

Re: Terrible virus

matter92

Re: Terrible virus

matter92

Re: Terrible virus

matter92

Re: Terrible virus