
Help need to remove antivirus7

  • 19-10-2010 10:04pm
    #1
    Closed Accounts Posts: 46


    Hi, this morning I got bombarded with viruses and I figured out it was antivirus8. This malware tells the user that they have an infection and they need to purchase removal software. This is a scam. After about 5 hours I removed this using Malwarebytes Anti-Malware software, which I downloaded. However, this did not remove the antivirus 7. This virus sends a pop-up upon entering websites which says attention your web page request has been cancelled. Just wondering, can anyone help me? I'm trying to get rid of it all day.
    Thanks


Comments

  • Moderators, Business & Finance Moderators, Regional South Moderators Posts: 6,854 Mod ✭✭✭✭mp22




  • Closed Accounts Posts: 46 leeds87


    Thanks for the link. I tried this and it found 1 infection, which it removed. The problem still persists: when I try to enter websites I get the red message box saying attention your webpage request has been cancelled and some other stuff like you computer is infected, click fix now. After that I downloaded Super Anti Spyware and had it just installed and was rebooting the computer, and now when I enter my password it accepts it and then I just have a blank screen. It's the same in safe mode. I'm actually worse off now. I have Vista, by the way. Any help would be appreciated as I need the laptop for college work.


  • Moderators, Business & Finance Moderators, Regional South Moderators Posts: 6,854 Mod ✭✭✭✭mp22


    Try a system restore to before installing Super Anti Spyware.


  • Closed Accounts Posts: 46 leeds87


    I actually just did a system restore and the computer is working again with no viruses present. However, I'm getting popups saying pctools stopped working. This is my Spyware Doctor. I tried to uninstall it but it says cannot because of corrupted files. I'm deleting it because I think this had something to do with me getting the virus in the first place. Any ideas on how to uninstall it, or should I just download a newer version?


  • Closed Accounts Posts: 9,700 ✭✭✭tricky D


    Your best course of action is to read the "I think I have a virus" - Please Read & Try BEFORE Posting (Updated 12/02/2010) sticky and carry out as many of the instructions in that thread, then post the relevant logs here. Someone will be along to help but only once you do those tasks.


  • Closed Accounts Posts: 46 leeds87


    This is the log I got from antimalware pro.


    Don't know how anyone can make sense of that. Any help much appreciated.


  • Closed Accounts Posts: 46 leeds87


    This is the log I got from Malwarebytes.

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    Database version: 4904
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943
    21/10/2010 19:54:31
    mbam-log-2010-10-21 (19-54-31).txt
    Scan type: Full scan (C:\|E:\|F:\|)
    Objects scanned: 265254
    Time elapsed: 1 hour(s), 26 minute(s), 7 second(s)
    Memory Processes Infected: 1
    Memory Modules Infected: 0
    Registry Keys Infected: 20
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 6
    Memory Processes Infected:
    C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> Unloaded process successfully.
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
    C:\Program Files\AntiMalware Pro\Cl.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Users\Public\Desktop\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
    C:\Users\MARK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
    C:\Windows\System32\MSVolume.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    C:\Windows\System32\VolumeMSPrLam.dll (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
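
An added example, not part of any post in this thread: a Python parser for the Malwarebytes log layout shown above that checks the summary counts against the itemised entries, tallies detections by family, and lists objects that never received a "Quarantined and deleted successfully" action. The sample input is abridged from the posted log with its counts adjusted to match, and the function names are this example's own.

```python
import re
from collections import Counter, defaultdict, namedtuple

# Abridged from the Malwarebytes log posted above; the summary counts were
# adjusted to match the abridgement, so treat this sample as constructed.
SAMPLE_LOG = r"""
Malwarebytes' Anti-Malware 1.46
Database version: 4904
Scan type: Full scan (C:\|E:\|F:\|)
Memory Processes Infected: 1
Registry Keys Infected: 3
Registry Values Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> Unloaded process successfully.
Registry Keys Infected:
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
C:\Windows\System32\VolumeMSPrLam.dll (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
"""

Detection = namedtuple("Detection", "section object family action")

# "Files Infected: 6" (summary line) versus "Files Infected:" (section header).
COUNT_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected): (?P<count>\d+)$")
HEADER_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
# "<object> (<family>) -> <action>."
ITEM_RE = re.compile(r"^(?P<object>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")
NO_ITEMS = "(No malicious items detected)"
REMOVED = "Quarantined and deleted successfully"


def parse_mbam_log(text):
    """Return (declared count per section, list of Detection) for one log."""
    declared, detections, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()  # forum pastes are usually indented
        count = COUNT_RE.match(line)
        header = HEADER_RE.match(line)
        if count:
            declared[count["section"]] = int(count["count"])
        elif header:
            current = header["section"]
        elif current and line and line != NO_ITEMS:
            item = ITEM_RE.match(line)
            if item:
                detections.append(Detection(
                    current, item["object"], item["family"], item["action"]))
    return declared, detections


def triage(text):
    """Summarise a log: count mismatches, families, objects needing follow-up."""
    declared, detections = parse_mbam_log(text)

    # A summary count that disagrees with the itemised list means the paste
    # is truncated or edited, so the log cannot be trusted as complete.
    itemised = Counter(d.section for d in detections)
    mismatches = {s: (n, itemised[s])
                  for s, n in declared.items() if n != itemised[s]}

    families = Counter(d.family for d in detections)

    # An object can appear in several sections (a running process and its
    # file on disk). It needs follow-up only if no entry shows it removed.
    actions = defaultdict(set)
    for d in detections:
        actions[d.object.lower()].add(d.action)  # Windows paths ignore case
    follow_up = sorted(o for o, acts in actions.items() if REMOVED not in acts)

    return {"mismatches": mismatches,
            "families": dict(families),
            "follow_up": follow_up}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for key, value in report.items():
        print(f"{key}: {value}")
```
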


  • Closed Accounts Posts: 6 martinAD71


    Try www.malwarebytes.org. I find it great for removing anything that I have come across, plus it's free.


  • Registered Users, Registered Users 2 Posts: 28,816 ✭✭✭✭drunkmonkey


    martinAD71 wrote: »
    Try www.malwarebytes.org. I find it great for removing anything that I have come across, plus it's free.

    That should shift a lot of stuff but it's best to download and run rKill.exe first, it'll shut down any running processes. You can get it here http://download.bleepingcomputer.com/grinler/rkill.exe

