
MICRO ANTIVIRUS 2009 has infected my brand new PC!!

Discussion in 'Virus & Other Malware Removal' started by speedyralph, Sep 22, 2008.

Thread Status:
Not open for further replies.
  1. speedyralph

    speedyralph Thread Starter

    Joined:
    Sep 22, 2008
    Messages:
    1
    Hello everyone,

    I bought a brand new HP Pavilion a6437c from TigerDirect and decided to back up my stuff from my old PC and install it on my new PC. As I was done with passing my docs, pics, and printer drivers from my old PC, a window that looked officially from Microsoft with a heading of "Micro Antivirus 2009" opened up and started to scan my computer immediately, with pop-ups popping at the same time telling me that my CPU was crashing and that I should buy the software. The way in which I manage to shut it down is by going to my Task Manager and ending it through there; after I'm able to end it I noticed that the virus left several porn shortcuts on my desktop. I am able to operate on it, but as soon as I try to download something like SUPERAntiSpyware the virus kicks into play. I am able to access the Task Manager and Control Panel.
    Oh, the Vista I have is 64-bit.
    My log file is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:08:48 PM, on 9/22/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Users\Ferrer\AppData\Roaming\Adobe\Player.exe
    C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\SysWOW64\YURF68F.exe
    C:\Windows\SysWOW64\YUR8113.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\hp\kbd\kbd.exe
    C:\Program Files (x86)\PCHealthCenter\4.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: peltodgx - {A2E224B7-CF47-4AB6-80BE-BA4C445F87B4} - C:\Users\Ferrer\AppData\Local\Temp\ac8zt2\peltodgx.dll (file missing)
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [\YURF68F.exe] C:\Windows\system32\YURF68F.exe
    O4 - HKLM\..\Run: [\YURFE6C.exe] C:\Windows\system32\YURFE6C.exe
    O4 - HKLM\..\Run: [ANTIVIRUS] "C:\Program Files (x86)\MicroAV\MicroAV.exe"
    O4 - HKLM\..\Run: [\YUR8113.exe] C:\Windows\system32\YUR8113.exe
    O4 - HKLM\..\Run: [\YURCB59.exe] C:\Windows\system32\YURCB59.exe
    O4 - HKLM\..\Run: [\YURCD9A.exe] C:\Windows\system32\YURCD9A.exe
    O4 - HKLM\..\Run: [\YUR4807.exe] C:\Windows\system32\YUR4807.exe
    O4 - HKLM\..\Run: [\YUR9EFC.exe] C:\Windows\system32\YUR9EFC.exe
    O4 - HKLM\..\Run: [\YURA19B.exe] C:\Windows\system32\YURA19B.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Run] C:\Users\Ferrer\AppData\Roaming\Adobe\Player.exe
    O4 - HKCU\..\Run: [\YURF68F.exe] C:\Windows\system32\YURF68F.exe
    O4 - HKCU\..\Run: [\YURFE6C.exe] C:\Windows\system32\YURFE6C.exe
    O4 - HKCU\..\Run: [\YUR8113.exe] C:\Windows\system32\YUR8113.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [\YUR138F.exe] C:\Windows\system32\YUR138F.exe
    O4 - HKCU\..\Run: [\YUR1C36.exe] C:\Windows\system32\YUR1C36.exe
    O4 - HKCU\..\Run: [\YUR9175.exe] C:\Windows\system32\YUR9175.exe
    O4 - HKCU\..\Run: [\YURC34E.exe] C:\Windows\system32\YURC34E.exe
    O4 - HKCU\..\Run: [\YURC541.exe] C:\Windows\system32\YURC541.exe
    O4 - HKCU\..\Run: [\YUR3FAE.exe] C:\Windows\system32\YUR3FAE.exe
    O4 - HKCU\..\Run: [\YURCB59.exe] C:\Windows\system32\YURCB59.exe
    O4 - HKCU\..\Run: [\YURCD9A.exe] C:\Windows\system32\YURCD9A.exe
    O4 - HKCU\..\Run: [\YUR4807.exe] C:\Windows\system32\YUR4807.exe
    O4 - HKCU\..\Run: [\YUR9EFC.exe] C:\Windows\system32\YUR9EFC.exe
    O4 - HKCU\..\Run: [\YURA19B.exe] C:\Windows\system32\YURA19B.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
    O13 - Gopher Prefix:
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: onfwbsak - {4C5D8BEC-A8E1-45C7-9EC0-C9B39DFFA51B} - C:\Windows\onfwbsak.dll (file missing)
    O21 - SSODL: rwlfsdmk - {7C49CE07-BFF4-487C-AE63-FB3785E1E80A} - C:\Windows\rwlfsdmk.dll (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

    --
    End of file - 8700 bytes
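A triage pass over the autorun (O4) and service (O23) lines of the log above, as an added example that is not part of the original post or of HijackThis. The three flagging rules and the `reported` term (taken from the product name the poster gives) are assumptions chosen for this log and produce leads, not verdicts. The `wow64` switch covers a 32-bit scanner on 64-bit Vista, where file checks under `system32` are redirected to `SysWOW64`, so "(file missing)" on system services is an artifact rather than a finding.

```python
import re

# Constructed sample: lines copied from the HijackThis log in the post above.
SAMPLE = r"""
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [\YURF68F.exe] C:\Windows\system32\YURF68F.exe
O4 - HKLM\..\Run: [ANTIVIRUS] "C:\Program Files (x86)\MicroAV\MicroAV.exe"
O4 - HKCU\..\Run: [Run] C:\Users\Ferrer\AppData\Roaming\Adobe\Player.exe
O4 - HKCU\..\Run: [\YURF68F.exe] C:\Windows\system32\YURF68F.exe
O4 - HKCU\..\Run: [\YUR138F.exe] C:\Windows\system32\YUR138F.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

O4 = re.compile(r"^O4 - (HK\w+)\S*\\Run: \[(.+?)\] (.+)$")
O23_MISSING = re.compile(r"^O23 - .* - (\S.*?) \(file missing\)$")

def image_path(command):
    """Return the executable path from a Run command line (quoted or bare)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].partition('"')[0]
    m = re.match(r"(.+?\.exe)\b", command, re.I)
    return m.group(1) if m else command

def triage(log, reported=("microav",), wow64=True):
    """Return (findings, artifacts); findings are heuristic leads (assumed rules)."""
    findings, artifacts = [], []
    for line in log.splitlines():
        if m := O4.match(line.strip()):
            hive, name, cmd = m.groups()
            path = image_path(cmd)
            base = path.rsplit("\\", 1)[-1].lower()
            reasons = []
            if name.startswith("\\") and name[1:].lower() == base:
                reasons.append("value name is a backslash plus the file name")
            if "\\appdata\\" in path.lower():
                reasons.append("starts from a user-writable AppData folder")
            if any(term in path.lower() for term in reported):
                reasons.append("matches the product named in the report")
            if reasons:
                findings.append((hive, path, reasons))
        elif m := O23_MISSING.match(line.strip()):
            path = m.group(1)
            if wow64 and "\\system32\\" in path.lower():
                artifacts.append(path)  # 32-bit scanner was redirected to SysWOW64
            else:
                findings.append(("service", path, ["service image missing"]))
    return findings, artifacts
```

The same redirection explains why the Run values point at `C:\Windows\system32\YURF68F.exe` while the running-process list shows the file under `C:\Windows\SysWOW64`.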
     