XP Internet Security 2010

[Eterain]

Hello all! I have contracted both Antivirus Soft and XP Internet Security 2010 (a VERY bad day for me). Anyways, I managed to follow the instructions from bleeping computer and here, and I did manage to install mbam.exe under another code and I put it in the Malwarebytes Anti-Malware folder, BUT I keep getting Error 707. I tried looking in Malwarebytes forum for a cure, but the one here is different from the one on my computer, so I had to use the bleepingcomputer guide which basically told me to run mbam.exe, but of course I can't right now...

Help anyone? Thanks.

[Eterain]

I got malwarebytes to wrong (had to change the mbam.exe code to mbam.com). Here is my log...I hope this is the right place to psot it. Anyways have to restart my computer, so I hope after I restart, both Antivirus Soft and XP Internet Security 2010 are gone for good!

Malwarebytes' Anti-Malware 1.44

Database version: 3805

Windows 5.1.2600 Service Pack 2

Internet Explorer 8.0.6001.18702

2/27/2010 8:02:08 PM

mbam-log-2010-02-27 (20-02-08).txt

Scan type: Quick Scan

Objects scanned: 147938

Time elapsed: 31 minute(s), 19 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 6

Registry Keys Infected: 7

Registry Values Infected: 7

Registry Data Items Infected: 10

Folders Infected: 0

Files Infected: 65

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\WINDOWS\system32\buyopako.dll (Trojan.Vundo.H) -> Delete on reboot.

c:\WINDOWS\system32\lebapide.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\mofomugo.dll (Trojan.Vundo.H) -> Delete on reboot.

c:\WINDOWS\system32\zeveluhe.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\os3dms.dll (Trojan.Hiloti) -> Delete on reboot.

C:\WINDOWS\system32\amht.xfo (Trojan.Oficla) -> Delete on reboot.

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d564e4d9-088d-54b2-5c2c-76aa98fb76bf} (Trojan.BHO.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d564e4d9-088d-54b2-5c2c-76aa98fb76bf} (Trojan.BHO.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{fdd99947-16ec-40f3-bbc5-24e55787a405} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ae83aa24-9a19-4731-8a64-932bea184118} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hugokebuf (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{fdd99947-16ec-40f3-bbc5-24e55787a405} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\momayejuh (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ae83aa24-9a19-4731-8a64-932bea184118} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\bobikevut (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ykvpmxwe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ykvpmxwe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: buyopako.dll -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: os3dms.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\zeveluhe.dll -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\zeveluhe.dll -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\lebapide.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\lebapide.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe amht.xfo kixxkk) Good: (Explorer.exe) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\bedanifa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\buyopako.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\dulerofu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\dumepiwo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fopihofu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fujayagi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gayuhiyu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gimemula.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gupureje.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gutinila.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hidagipe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hitotilo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jekosefu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jikotato.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kihufupu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lakopayi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lebapide.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\ledekuka.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\leveboju.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lidituhu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ludoyuja.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lupujuye.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mofomugo.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\pajusumo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\piyewotu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\putizoje.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rufozobo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\simonuha.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\soseyuma.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tabisape.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tamuyali.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tifakapu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tigefeki.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tilafago.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tiyunike.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\toyedofi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vehuyafa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wepozara.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wevotegu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wutivoba.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wuvajepe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\zedokupa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\zeveluhe.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\zirinuva.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\zofofisa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\os3dms.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\oqacirisohahoz.dll (Trojan.BHO.H) -> Delete on reboot.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\140.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\18.tmp (Trojan.Hiloti) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\D7WMZ3YC\g55ix7jVq-Uj_7MZChOx1UKu5lcVM6bcwzhZzJ8aj32inkMpm__hvyJuBRojSwIvtb-g4Kp35g3kSugli3DfOvaitryeCmMS_2xsgXQ0Wej0YcyjHxBniyAsYmVnVnHUuKGv_O8Oyb2T5Nk[1].

htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\D7WMZ3YC\KO3MmuNuen7vqaTWEQQyR5JGN1xWkcsh0LJSa2DXXbyMxAPY_ofWSVZ4r978Mf1Oe5CjAjMLKAu

ABA0gwoZUTCR67fmPf9asWlyYzesN8EUP-lHh6Fw9POVg8dj6Im1oWYNdl1ONZheVsCQ[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\EY89WJ2I\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\HY1V1Q0P\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\IT8P7FVX\arXgSdCfmtDdEQ5JLohRC-xK-W3KXPoZjfrOV3samB0FIJlLWG6ZHsI8akQtxbenCRyVcZTfYKpdk0we0r-CksB_TReaneph_pJebng1O1TsHWHViN8UyAldT6p2HWiXm1qojQyV--IdxaQ[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\KMH686HI\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\MNOM8DX6\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\QC49DP12\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\U0BI5UWI\z002106201r0409Xe4883aa6Yaff2ed2dZ0100f080317P000000070[1] (Malware.Packer) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\U0BI5UWI\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\U0BI5UWI\default[2].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WVDG0SWB\default[1].htm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\amht.xfo (Trojan.Oficla) -> Delete on reboot.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\av.exe (ROGUE.Win7Antispyware2010) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\n.exn (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Documents and Settings\Compaq_Administrator\My Documents\downloads\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

[screen317]

Hi and welcome to Malwarebytes.

Do you still need help?

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!