Antimalware virus; please analyze my logs
Hi, I got the “antimalware” virus. I ran several scans including Malwarebytes, SUPERAntiSpyware, Spybot, Panda Cloud, Avira and Ad-Aware. I have not been able to get rid of all of it yet. I did find a lot of stuff on my computer from it and the computer is running considerably better. Right now there are two problems.
1. When I’m online it will out of the blue open another browser redirecting to a garbage site.
2. When the computer first starts I get this error:
RUNDLL
Error loading sbjgrujj.dll
The specified file could not be found.

Thanks for your help. Here are the logs:

MALWAREBYTES
Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4174
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

6/8/2010 7:55:55 PM
mbam-log-2010-06-08 (19-55-55).txt

Scan type: Full scan (C:\|G:\|I:\|)
Objects scanned: 287694
Time elapsed: 2 hour(s), 58 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:57:31 PM, on 6/8/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ClamAV for Windows\1.0.26\agent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ClamAV for Windows\1.0.26\iptray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe

R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 – Hosts: 66.98.148.65 auto.search.msn.com
O1 – Hosts: 66.98.148.65 auto.search.msn.es
O2 – BHO: SysShield IE Popup Blocker – {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} – C:\Program Files\SysShield Tools\Internet Eraser\pkext.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 – Toolbar: AbsoluteShield – {EE9DD090-902D-4623-9360-FB7D8666202B} – C:\Program Files\SysShield Tools\Internet Eraser\AbsoluteBar.dll
O3 – Toolbar: (no name) – {CCC7A320-B3CA-4199-B1A6-9F516DD69829} – (no file)
O4 – HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 – HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 – HKLM\..\Run: [SoundM