Jump to content

georgemcd

Members
  • Content Count

    3
  • Joined

  • Last visited

About georgemcd

  • Rank
    Newbie
  1. Thanks Seth I did that and it let me update both SuperAntiSpyware and avira, was that box checked as a result of the trojan? Anyways seems like a pretty nasty attack because when I ran the spyware scan again after updating it found a few trojans that weren't picked up before: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/04/2010 at 05:04 PM Application Version : 4.34.1000 Core Rules Database Version : 4888 Trace Rules Database Version: 2700 Scan type : Complete Scan Total Scan Time : 00:40:26 Memory items scanned : 734 Memory threats detected : 1 Registry items scanned : 7433 Registry threats detected : 1 File items scanned : 23505 File threats detected : 19 Trojan.Agent/Gen-FakeAlert C:\USERS\GEORGE\APPDATA\LOCAL\TEMP\UDK.EXE C:\USERS\GEORGE\APPDATA\LOCAL\TEMP\UDK.EXE [M5T8QL3YW3] C:\USERS\GEORGE\APPDATA\LOCAL\TEMP\UDK.EXE C:\USERS\GEORGE\APPDATA\LOCAL\TEMP\UDJ.EXE C:\WINDOWS\UVOZIA.EXE C:\Windows\Prefetch\UDK.EXE-C69763CA.pf Adware.Tracking Cookie C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@atdmt[2].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@uk.findstuff[2].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@stat.dealtime[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@trafficengine[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@dealtime[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@mediatraffic[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@overture[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@doubleclick[1].txt C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\george@adviva[1].txt Adware.Casino Games (Golden Palace Casino) C:\POKER\PADDY POWER POKER\CASINO.EXE C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PADDY POWER POKER\PADDY POWER POKER.LNK C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PADDY POWER POKER.LNK C:\USERS\PUBLIC\DESKTOP\PADDY POWER POKER.LNK Trojan.Agent/Gen-Banker C:\USERS\GEORGE\APPDATA\LOCAL\TEMP\WGVYD.EXE Trojan.RootKit/Gen C:\WINDOWS\SYSTEM32\DRIVERS\MLURK.SYS I followed the process to remove them and ran it again on startup and they were all removed successfully apart from the one I originally mentioned (MLURK.SYS).
  2. Thanks. I seem to be having a problem updating to the latest version, it comes up with the error "There was an error trying to retrieve definitions. Make sure your firewall is not blocking SUPERANTISPYWARE from accessing the internet". I have tried turning off the windows firewall but got the same error. I'm also running Avira anti-virus, would that stop it at all? I'm also having problems updating Avira as it says the same thing that it can't get a connection so i suspect it is related to my virus. Latest log is: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/04/2010 at 12:58 PM Application Version : 4.34.1000 Core Rules Database Version : 4865 Trace Rules Database Version: 2649 Scan type : Quick Scan Total Scan Time : 00:31:41 Memory items scanned : 659 Memory threats detected : 0 Registry items scanned : 514 Registry threats detected : 0 File items scanned : 19924 File threats detected : 13 Adware.Casino Games (Golden Palace Casino) C:\POKER\PADDY POWER POKER\CASINO.EXE C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PADDY POWER POKER\PADDY POWER POKER.LNK C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PADDY POWER POKER.LNK C:\USERS\PUBLIC\DESKTOP\PADDY POWER POKER.LNK Adware.Tracking Cookie C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[1].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.bcserving[1].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@videoegg.adbureau[1].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[2].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[2].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[2].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[3].txt C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[1].txt Trojan.RootKit/Gen C:\WINDOWS\SYSTEM32\DRIVERS\MLURK.SYS
  3. Hi, A few days ago I got a virus called antimalware doctor on my laptop which was pretty hard to get rid of, and have been having problems every since. Every few hours or so I get a message saying "services and controller app stopped working and was closed", follwed by a messages saying windows has encountered a critical error and will restart in 1 minute. There doesn't seem to be a way to stop this and its extremely annoying when it happens and i'm in the middle of doing something. There's a trojan that superantispyware detects when I scan the computer with the following location :- c:\windows\system32\drivers\MLURK.sys which the programme says gets removed but after the required restart it finds it again. I dont think this is related to the above issue but it may be, google doesn't seem to come up with anything when i search for Mlurk.sys. Can anyone help? Cheers George
×
×
  • Create New...