My computer hadn’t been running properly, shortcuts stopped working, windows programs were disabled…and after multiple thorough scans Avast found nothing wrong. This is with a licensed version. Can someone tell me why?
Since running an alternate program, my computer is now functional.
Avast was up to date. It was eventually disabled by the malware, that was when I sought additional help.
I also ran ALWIL Virus/Worm Cleaner, and these files were “not able to be scanned”
If you are showing any of these program files in your system, I suggest you perform an alternate scan until Avast catches up.
ComboFix 09-11-05.01 - Mama 11/05/2009 16:43.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.503.233 [GMT -5:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\tmp1.tmp
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Uninstall Fun Web Products.dll
c:\recycler\S-1-5-21-1076938913-1788782439-1649114590-1006
c:\recycler\S-1-5-21-1335824712-230926726-149657146-500
c:\recycler\S-1-5-21-1708537768-602609370-725345543-500
c:\recycler\S-1-5-21-2308430894-1623928607-1027514085-1006
c:\recycler\S-1-5-21-2320242337-1531394502-1403792422-1006
c:\recycler\S-1-5-21-3655382875-1176697792-341787293-1006
c:\recycler\S-1-5-21-4218230653-959414080-196939669-1006
c:\windows\9g2234wesdf3dfgjf23
c:\windows\instsp2.exe
c:\windows\ld08.exe
c:\windows\mqcd.dbt
c:\windows\pp06.exe
c:\windows\system32__c008B98.dat
c:\windows\system32\ajugonoy.ini
c:\windows\system32\akuyokav.ini
c:\windows\system32\aluzevar.ini
c:\windows\system32\ashl.nq
c:\windows\system32\azton.mt
c:\windows\system32\baborefe.dll
c:\windows\system32\bamukitu.dll
c:\windows\system32\bibegipe.dll
c:\windows\system32\Cache
c:\windows\system32\dolman.zt
c:\windows\system32\ebavirek.ini
c:\windows\system32\efafedin.ini
c:\windows\system32\eferobab.ini
c:\windows\system32\epigebib.ini
c:\windows\system32\eqxhpj.dll
c:\windows\system32\eworukap.ini
c:\windows\system32\fairy.an
c:\windows\system32\ferryl.cbv
c:\windows\system32\fidofepu.dll
c:\windows\system32\heribaye(2)(2).dll
c:\windows\system32\ikanohul.ini
c:\windows\system32\imewopen.ini
c:\windows\system32\imuwajev.ini
c:\windows\system32\inqby.sr
c:\windows\system32\isifewuj.ini
c:\windows\system32\jahomayo.dll
c:\windows\system32\jajulaze.dll
c:\windows\system32\jivavadu.dll
c:\windows\system32\jizimuzi.dll
c:\windows\system32\jkshfuiehi.dll
c:\windows\system32\juwefisi.dll
c:\windows\system32\kerivabe.dll
c:\windows\system32\kirasahi.dll
c:\windows\system32\kutipuni.exe
c:\windows\system32\lamofuku.dll
c:\windows\system32\lelehaku.dll
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\lowsec\user.ds.lll
c:\windows\system32\luhonaki.dll
c:\windows\system32\luyudoya.dll
c:\windows\system32\midepoba.dll
c:\windows\system32\miziwiva.dll
c:\windows\system32\nageyefu.dll
c:\windows\system32\netutode.dll
c:\windows\system32\oliloliz.ini
c:\windows\system32\omodeyav.ini
c:\windows\system32\owotited.ini
c:\windows\system32\rivenape.dll
c:\windows\system32\rukakaja.dll
c:\windows\system32\sdra64.exe
c:\windows\system32\sizugomu.dll
c:\windows\system32\SYS32DLL.exe
c:\windows\system32\tabupulu.dll
c:\windows\system32\ulupubat.ini
c:\windows\system32\ulusitaw.ini
c:\windows\system32\vanituti.dll
c:\windows\system32\vekukedu.dll
c:\windows\system32\wetemawo.dll
c:\windows\system32\wetudave.dll
c:\windows\system32\wikipuha.dll
c:\windows\system32\wimavapa.dll
c:\windows\system32\wotitiha.dll
c:\windows\system32\yarajobi.dll
c:\windows\system32\yijeziye.dll
c:\windows\system32\yonesefe.dll
c:\windows\system32\zodatibo.dll
c:\windows\t55ft2692f44.dat
C:\xcrashdump.dat
----- BITS: Possible infected sites -----
hxxp://82.98.235.208
hxxp://82.98.235.205