
hello there--just recently joined


zenybear


Hi There

Welcome to the forums. Please let us know how you do regarding that annoying program.

Before installing Malwarebytes, I installed some promising malware removers. Then I came across Malwarebytes. I finally removed that annoying fake antispyware.

Glad that Malwarebytes' Anti-Malware is free. ;)

This is the report of the anti-malware program after removing Antispyware 2008 XP:

Malwarebytes' Anti-Malware 1.25

Database version: 1101

Windows 5.1.2600 Service Pack 2

3:26:17 PM 8/31/2008

mbam-log-08-31-2008 (15-26-17).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 90312

Time elapsed: 38 minute(s), 27 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 4

Registry Keys Infected: 18

Registry Values Infected: 3

Registry Data Items Infected: 2

Folders Infected: 6

Files Infected: 45

