Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cant Get Rid of Crip Xed-3 No Matter What, and Now It Wont Even Let Me


  • This topic is locked This topic is locked

#1
DrQuest

DrQuest

    New Member

  • Member
  • Pip
  • 2 posts
I have read "Click Here before posting a Hijack This log" and followed the steps, up to Step Three: Windows Updates. It will not let me install sp1a because it says that version is older than the one I have on the computer; none of the programs or scans remove the trojans, and now I am having other problems. When I try to run any anti-spyware programs in Safe Mode, or when I click on Control Panel/Add or Remove Programs I get this message:


---------------------------
RUNDLL
---------------------------
Error loading C:\DOCUME~1\Terrell\LOCALS~1\Temp\hiaqhnnfaii.nls

The specified module could not be found.


---------------------------
OK
---------------------------


I also get a similar message whenver I try other functions. Now I cant even run antispyware at all, and when I reboot to Windows in Normal mode, I get the blue screen that shows an error.


These are from the last scans I ran. Please help me get rid of this thing.


;*******************************************************************************
********************************************************************************
*
*******************
ANALYSIS: 2008-04-15 21:53:29
PROTECTIONS: 2
MALWARE: 23
SUSPECTS: 3
;*******************************************************************************
********************************************************************************
*
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
================================================================================
=
===================
Spyware Doctor with AntiVirus 4.4.5 Yes Yes
Trend Micro PC-cillin Internet Security 12.7.1019 Yes No
;===============================================================================
================================================================================
=
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
================================================================================
=
===================
00055522 Eicar.Mod Virus No 0 No No C:\Program Files\Trend Micro\Internet Security 12\tmhelp.chm[/PCC12/Test_virus.htm]
00217430 adware/surfassistant Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5dafd089-24b1-4c5e-bd42-8ca72550717b}
01177254 W32/Patchlog.D Virus No 0 No No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP619\A0069172.exe
01177254 W32/Patchlog.D Virus No 0 No No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP619\A0069158.exe
01230278 W32/PatchLog.gen Virus Yes 0 Yes No C:\WINDOWS\SYSTEM32\WINLOGON.EXE
01230278 W32/PatchLog.gen Virus Yes 0 Yes No C:\WINDOWS\SYSTEM32\SERVICES.EXE
01230278 W32/PatchLog.gen Virus Yes 0 Yes No C:\WINDOWS\SYSTEM32\LSASS.EXE
01230278 W32/PatchLog.gen Virus Yes 0 Yes No C:\WINDOWS\EXPLORER.EXE
01230278 W32/PatchLog.gen Virus No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075512.exe
01658840 Trj/WmaDownloader.F Virus/Trojan No 0 Yes No C:\Documents and Settings\Terrell\Incomplete\T-213423-01 - girl laying down anna ternheim _192kbps_ [Original].wma
02164907 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\DIGStream\digstream.exe
02888175 Adware/Zenosearch Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0073278.dll
02888175 Adware/Zenosearch Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075459.dll
02891362 Adware/Yazzle Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0073286.exe
02895723 Trj/Proxy.AS Virus/Trojan No 0 Yes No C:\WINDOWS\system32\dco.dll
02899242 Rootkit/Agent.HYS Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP619\A0069166.dll
02908461 Trj/Downloader.TCC Virus/Trojan No 0 Yes No C:\WINDOWS\Installer\{d992a7aa-d587-4c44-8200-ac5cf94e13a3}\zip.dll
02909763 Adware/BHO Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075510.dll
02912630 Trj/Downloader.THG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075511.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP620\A0071175.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP619\A0070174.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP618\A0069142.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP620\A0072253.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075381.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075406.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075417.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075445.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075502.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075501.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075479.exe
02913311 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP620\A0072176.exe
02913314 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075503.dll
02913315 Adware/Rabio Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP624\A0076813.dll
02913338 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP624\A0076803.exe
02913340 Adware/InternetSpeedMonitor Adware No 0 No No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP624\A0076803.exe[ism.exe]
02913340 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP620\A0072216.exe
02913341 Adware/InternetSpeedMonitor Adware No 0 No No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP624\A0076803.exe[QdrModule15.exe]
02913726 Trj/Downloader.TIL Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0073259.exe
02913734 Trj/Spammer.AHC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0075456.exe
02913734 Trj/Spammer.AHC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0072541.exe
02913760 Trj/Downloader.TIP Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0073337.exe
02914229 Trj/Downloader.SZG Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP621\A0073269.exe
;===============================================================================
================================================================================
=
===================
SUSPECTS
Sent Location
;===============================================================================
================================================================================
=
===================
No C:\PROGRAM FILES\NETRATINGSNETSIGHT\NETSIGHT\NIELSENONLINE.EXE
No C:\Documents and Settings\Terrell\Local Settings\Temporary Internet Files\Content.IE5\MVGNENQH\count[1].php
No C:\WINDOWS\system32\drivers\Wod27.sys
;===============================================================================
================================================================================
=
===================
VULNERABILITIES
Id Severity Description
;===============================================================================
================================================================================
=
===================
;===============================================================================
================================================================================
=
===================



Malwarebytes' Anti-Malware 1.11
Database version: 635

Scan type: Quick Scan
Objects scanned: 42497
Time elapsed: 12 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 62
Registry Values Infected: 10
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 77

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\isecurity.mgr (Rouge.ISecurity) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\isecurity.mgr.1 (Rouge.ISecurity) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{06faccd2-c7bb-4612-88de-338120477578} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0bc37c25-432c-4ec4-95b4-0f860c1bdfe3} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{18c0c3dc-9b12-45c8-8243-11a32babc050} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{20b5789d-76b8-41c3-92d2-72b322d0d81d} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{248c5ea6-af58-4a11-97a4-72b183232e58} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e8986d0-b571-4a3a-a831-0621cfcd7be1} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30073d4c-957a-4a2b-8dc7-ff57ea3d3dfb} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30576ee7-054c-4faf-801b-703845928839} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{59fe90af-3bf6-489b-9181-b1ee2a6ce64a} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65f3c1a2-ec45-445f-b2e5-7fff05344ca0} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{78f4493f-42f4-4ef6-a417-042dd0a7e0af} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{818dd1ed-83b4-4ef0-99f9-e4a6d73e2456} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{853be7bd-f267-4750-b072-2b6b11d3d70c} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8eb10171-6058-4822-baf3-3da829caca4e} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{91a4a1c5-7fe7-41f1-9d23-cee9d3064175} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{91bd0deb-7196-46b1-9cd0-c26b7b3ab72e} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{93c9f61d-51b6-47ee-8fe5-36185021222b} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99bcd932-0d63-4f7e-8faa-dbd12b9f494c} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9b99e76d-9081-41c2-ae6e-e43cf752ac71} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9da1ffd9-3cd7-4cb5-8c0b-dcdea5663ae0} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{abe1716e-6f32-4d6f-8f3d-73425d396bdb} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ae4a9ec4-1dfe-425f-8fc7-501fb6cbf132} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c53fef45-3339-4d96-83c7-2f4bf389fa7b} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cd0ab90e-4a7f-4f0e-9cfa-5cc428649265} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0271652-93b4-4bc5-afc7-fb41e0d5004c} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e187f1a7-86bf-4df8-8d3c-33c1d1e50f3a} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e98f32d4-89dd-4e7d-96b8-e1b8d1c22eb2} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f3847cce-f74a-43ea-a323-3ac984c3443e} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ffe3c26d-fa6d-4884-bd7a-bc1d778eee94} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f4aaeb6d-3735-45aa-a22b-924cc4882d9c} (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msram.tchongabho (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d279bc2b-a85b-4559-8fd9-ddc55f5d402d} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\iSecurity (Rouge.ISecurity) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\mwc (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\icasServ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WinIFixer.com (Rogue.WinIFixer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Batco (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bat (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bat (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\xflock (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{45a2b65e-2075-4a4d-9c67-2beaf1ba0b34} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3d71ac3e-c759-49f2-b464-274f9abdf705} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sgoblxtm.bebp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sgoblxtm.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cjb (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kgktflc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iSecurity applet (Rouge.ISecurity) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\Autorun (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\dsktbwfe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ogxtsepr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\autoload (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\autoload (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\autoload (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Bat (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\Ultimate Defender (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\v5 (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\WinIFixer (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\{32FF2108-1EF0-4ae8-8C23-17C92EAA5DEF} (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\cjb (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\cjb\cjb8.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\omgsnpojk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\000090.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1054q.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\12520437v.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3354881341.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bqtkjat.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eigadmsehqe.drv (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\grqdonipsjq.nls (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hsbapsjqp.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\knedcnidcf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtgbmtknihg.nls (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psajdiwp.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtgbapgf.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpdeblqo.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uykdwhka.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\enhfnlpbmk.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\gbunteox.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\iframevip.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\installs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\ismtpa15.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\jjregnap.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\jmqstarw.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\qosjlepqrn.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\rsyncini.exe (Trojan.Shutdowner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\TMPE37.tmp (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\tofuvqfa.exe.bak (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\v4xd3.ga2me (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\wave.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.dll.intermediate.manifest (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.info (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.original (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Info.dll (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\un_BatSetup_15041.exe (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\un_BatSetup_15041.txt (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\X_Bat.log (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\iSecurity.dat (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\ucleaner.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\ucleaneri.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\udefender.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\udefenderi.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\winifixer.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\winifixeri.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\v5\iSecurity.cpl (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\WinIFixer\install.exe (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\Program Files\ISecurity\{32FF2108-1EF0-4ae8-8C23-17C92EAA5DEF}\install.exe (Rouge.ISecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\000060.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\000080.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\os1zn2mO7Z.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\didduid.ini (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\123messenger.per (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\licencia.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\telefonos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\textos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\~.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shift.exe.exe (Worm.Zhelatin) -> Quarantined and deleted successfully.
C:\WINDOWS\dsktbwfe.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\ogxtsepr.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\spnkfwad.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\nd.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\cftmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\cftmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\iframestat.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\gold.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Start Menu\Programs\Startup\Bat - Auto Update.lnk (Adware.Batco) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Application Data\Install.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\maxpaynow.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\maxpaynowti.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\vx1dt1.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\vx3dt2.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\v5xd2.g3ame (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\v5xd4.ga2me (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\v6xdt4.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terrell\Local Settings\Temp\v4xd6.gam5e (Heuristics.Malware) -> Quarantined and deleted successfully.



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/15/2008 at 08:18 PM

Application Version : 4.0.1154

Core Rules Database Version : 3438
Trace Rules Database Version: 1430

Scan type : Complete Scan
Total Scan Time : 01:20:58

Memory items scanned : 282
Memory threats detected : 0
Registry items scanned : 5932
Registry threats detected : 0
File items scanned : 114571
File threats detected : 16

Adware.Tracking Cookie
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][2].txt
C:\DOCUME~1\Terrell\LOCALS~1\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Terrell\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Terrell\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\Terrell\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Terrell\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Terrell\Local Settings\Temp\Cookies\[email protected][1].txt

Edited by DrQuest, 17 April 2008 - 06:41 PM.

  • 0

Advertisements


#2
DrQuest

DrQuest

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I had to reformat the hard drive and reinstall Windows XP to get rid of this bug. Issue resolved.

Thanks for all the responses.

Oh that's right. There weren't any. 53 views and no responses.
  • 0

#3
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP