tonyk1 Posted March 4, 2010 ID:209495 Share Posted March 4, 2010 Hi all - am a bit new to this so pls excuse any ignorance but seemed to have picked up xp anti virus 2010 and most of my anti spyware won't run - have tried re naming exe files as suggested in some other posts. Only one which will is Stopzilla which admittedly did stop the pop ups generated by the xp anti virus but then advised me I would need to pay to remove the infected files. Have now run Rootrepeal from the MBAM site with the results below but not sure which file if any I should wipe. Really grateful for any help.TonyROOTREPEAL © AD, 2007-2009==================================================Scan Start Time: 2010/03/04 13:49Program Version: Version 1.3.5.0Windows Version: Windows XP SP3==================================================Hidden/Locked Files-------------------Path: C:\hiberfil.sysStatus: Locked to the Windows API!Path: C:\WINDOWS\_VOIDnmcqfgeibhStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDdisddsvqid.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDevmtntipgk.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDexnqiccrji.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDflwbwtmxob.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDipuowfhtxy.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDjisvmpuyap.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDpooffqqbww.dllStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\_VOIDrnoxvapyng.datStatus: Invisible to the Windows API!Path: C:\WINDOWS\_VOIDnmcqfgeibh\_VOIDd.sysStatus: Invisible to the Windows API!Path: C:\WINDOWS\system32\drivers\xjsoniny.sysStatus: Locked to the Windows API!Path: D:\Documents and Settings\All Users\Application Data\_VOIDkrl32mainweq.dllStatus: Invisible to the Windows API!Path: D:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dllStatus: Invisible to the Windows API!Path: D:\Documents and Settings\TONY\Desktop\WINLOG~1.EXE:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}Status: Visible to the Windows API, but not on disk.Path: D:\Documents and Settings\TONY\Local Settings\Temp\_VOID5f00.tmpStatus: Invisible to the Windows API!Path: D:\Documents and Settings\TONY\Local Settings\Temporary Internet Files\Content.IE5\5QWJQBZI\tony@rubiconproject[3].txtStatus: Locked to the Windows API!Path: D:\Documents and Settings\TONY\Local Settings\Temporary Internet Files\Content.IE5\5QWJQBZI\AAAAAAAABYfwIAAAAAAAIAAwAAAAAA0gF3KScBAAAAAAAAAAAAANc-YAAAAAAAAAIAAAAAAADgVqgAAAAAAAAAAAAAAAAAfAMZUzsAAAA=,,http%3A%2F%2Fchinaontv.com%2Ftravel[1].php,;ord=1267711017Status: Visible to the Windows API, but not on disk.Path: d:\documents and settings\tony\local settings\application data\google\chrome\user data\default\current sessionStatus: Size mismatch (API: 38545, Raw: 29448)==EOF== Link to post Share on other sites More sharing options...
marktreg Posted March 4, 2010 ID:209498 Share Posted March 4, 2010 Hello, and welcome to Malwarebytes.orgWe don't work on Malware removal in the general forums. Please print out, read and follow the directions here:http://www.malwarebytes.org/forums/index.php?showtopic=9573Try to complete all the steps, but you can skip any steps you are unable to complete. Then post a NEW topic here:http://www.malwarebytes.org/forums/index.php?showforum=7If your computer is un-bootable, just post a description of the problems you are having there.One of the expert helpers there will give you one-on-one assistance when one becomes available.After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org Link to post Share on other sites More sharing options...
Recommended Posts