zenybear

Members
  • Content count

    2
  • Joined

  • Last visited

About zenybear

  • Rank
    New Member
  • Birthday 01/27/1989

Contact Methods

  • ICQ
    0
  • Yahoo
    zenz_38
  1. before installing malwarebytes, i installed some promising malware removers. then i came across malwarebytes. i finally removed that annoying fake antispyware. glad that malwarebytes' anti-malware is free. this is the report of the anti0malware program after removing antispyware 2008 xp: Malwarebytes' Anti-Malware 1.25 Database version: 1101 Windows 5.1.2600 Service Pack 2 3:26:17 PM 8/31/2008 mbam-log-08-31-2008 (15-26-17).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 90312 Time elapsed: 38 minute(s), 27 second(s) Memory Processes Infected: 1 Memory Modules Infected: 4 Registry Keys Infected: 18 Registry Values Infected: 3 Registry Data Items Infected: 2 Folders Infected: 6 Files Infected: 45 Memory Processes Infected: C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\as2008xp.exe (Rogue.Multiple) -> Unloaded process successfully. Memory Modules Infected: C:\WINDOWS\system32\awtSifeF.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\nbecygkc.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\efcdawTl.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\lthibz.dll (Trojan.Vundo) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8fe19ba-1e85-4b0c-b702-15154e3c13b3} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{b8fe19ba-1e85-4b0c-b702-15154e3c13b3} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c80da8d6-977e-465a-8646-3bac02458e40} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c80da8d6-977e-465a-8646-3bac02458e40} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{df84dca5-688b-4c23-8363-3416ac563015} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcdawtl (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{df84dca5-688b-4c23-8363-3416ac563015} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{099ac52c-1cd4-434c-9cc6-ff56dabb5010} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c06db93 (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{df84dca5-688b-4c23-8363-3416ac563015} (Trojan.Vundo) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s9201 (Rogue.Multiple) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\awtsifef -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\awtsifef -> Delete on reboot. Folders Infected: C:\Documents and Settings\All Users\Application Data\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\BASE (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\LOG (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\awtSifeF.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\FefiStwa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\FefiStwa.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lthibz.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\efcdawTl.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\nbecygkc.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\ckgycebn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP25\A0005027.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP51\A0020775.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP51\A0020756.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP51\A0020763.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP51\A0020776.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP54\A0021488.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP54\A0021489.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021599.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021584.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021585.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021586.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021587.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021588.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021589.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021590.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021591.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021592.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021593.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021597.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{C70D1D60-D87E-4BF0-BD42-F1DEA87C4B05}\RP57\A0021598.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\aaaudrhn.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\geBqRjkH.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vtUmMgEW.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xxyaxYro.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayxxWon.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iifcDTlL.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\as2008xp.exe (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080831121511140.log (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080831131738218.log (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080831135511078.log (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080831140712640.log (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM6f35e80f.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM6f35e80f.txt (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\User\Desktop\Antispyware 2008 XP Removal Process (remove Antispyware2008XP) - PCHubs_com.mht (Rogue.Antispyware) -> Quarantined and deleted successfully. C:\Documents and Settings\User\Desktop\XP Antivirus 2008 Removal Instructions and Information Uninstall, Remove and Delete XP Antivirus 2008.mht (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
  2. hello there. I recently joined. my laptop has been infected by antispyware 2008 xp. it's really annoying. hope the program i installed from malwarebytes will help.