There was something horribly wrong with my laptop.
Yesterday, I downloaded Avast and fortunately, it could find something which McAfee could not find.
Now the issue is, Avast says:
Virus found
c:\windows\system32\gasfyyoxkvlxm.dll
When I click on Move to Chest, it says “cannot process as it is being used by other programs.”
I tried to delete it permanently, but it could not. I chose the startup option.
It restarted, the boot-time scan started, and even after that it could not remove it.
I started in Safe Mode command prompt.
I checked this directory. I could not find any file named this.
Thanks for your prompt reply. I shall perform these steps tonight and post results, as I am currently in the office.
One more point, which I forgot to post.
The error was also talking about
Win32-Alurecon-CY [Rtk] found in operating memory area below the dll error.
I hope the steps you told me to perform cater to this only. Am I right?
I performed all of the steps repetitively and I guess my laptop is now cleaned up. It was full of viruses, I guess.
Thanks for your guidance. I am grateful to you. All logs are attached with this mail. I request you to check the HijackThis log and let me know if I have to do anything more.
Looks like SUPERAntiSpyware removed a rootkit and some tracking cookies that are nothing to worry about.
You did not let Malwarebytes (MBAM) remove what it found:
Files Infected:
\?\globalroot\systemroot\system32\gasfkyyoxkvlxm.dll (Trojan.FakeAlert) → No action taken.
C:\WINDOWS\system32\a99k.bin (Trojan.Goldun) → No action taken.
C:\WINDOWS\system32\Drivers\str.sys (Rootkit.Agent) → No action taken.
C:\Documents and Settings\MAJHAR\Favorites\MP3 Download.url (Rogue.Link) → No action taken.
C:\WINDOWS\system32\sebdpx.sys (Trojan.Goldun) → No action taken.
C:\WINDOWS\pxysdb.dat (Trojan.Goldun) → No action taken.
Run MBAM, then let it remove what it finds, then reboot to let it remove locked files.
I see you are still running Windows Service Pack 2 so you should install Windows Service Pack 3 that has been available for over a year and contains several Critical Security updates plus performance improvements.
You need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.
Also you should enable Automatic Updates or at least be notified that Updates are available.
Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.
That was the first log.
I did a boot-time scan and then again a Windows scan. The result was no infected items.
But to give this forum the exact issues, I uploaded the first log.
Yes, you are right. I will apply service pack 3 updates.
You are using Windows XP Service Pack 2. A newer Service Pack (SP3) is already available for download via Microsoft Update. Please consider upgrading as soon as possible for the possible security patches and stability fixes.
You seem to use Windows XP’s firewall or no firewall at all. You may enhance your protection by installing a firewall with Outbound Protection that XP’s firewall does not support. Examples of good firewalls are:
R3 - URLSearchHook: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin1.dll
This is a Mininova toolbar linked with Vuze. If you did not intentionally install this, you may fix this entry and uninstall the toolbar.
Mininova could probably be linked with Vuze. Do you remember having an option on installing toolbars during your Vuze installation? If yes, then Mininova could probably be uninstalled together with Vuze.