Ok I ran the MBAM? I think that was what you called it, it seems to have worked for now. Here is the log. Do i need to do anything else? And how do you think I got this on my pc? How an I avoid it in the future?
Thanks for your help!!! ;D
Malwarebytes’ Anti-Malware 1.41
Database version: 3014
Windows 5.1.2600 Service Pack 3
10/22/2009 9:08:17 PM
mbam-log-2009-10-22 (21-08-09).txt
Scan type: Full Scan (C:|)
Objects scanned: 208506
Time elapsed: 1 hour(s), 15 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 2
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\lsp.dll (Search.Hijacker) → No action taken.
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) → No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System tool (Rogue.SysGuard) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System tool (Rogue.SysGuard) → No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → No action taken.
Folders Infected:
C:\Documents and Settings\All Users\Application Data\19527504 (Rogue.Multiple) → No action taken.
C:\Documents and Settings\Nicole\Start Menu\Programs\System Security (Rogue.SystemSecurity) → No action taken.
C:\WINDOWS\system32\sysproc64 (Trojan.Agent) → No action taken.
Files Infected:
C:\WINDOWS\system32\lsp.dll (Search.Hijacker) → No action taken.
C:\System Volume Information_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP934\A0212137.dll (Search.Hijacker) → No action taken.
C:\Documents and Settings\All Users\Application Data\19527504\19527504 (Rogue.Multiple) → No action taken.
C:\Documents and Settings\Nicole\Start Menu\Programs\System Security\System Security (Rogue.SystemSecurity) → No action taken.
C:\WINDOWS\system32\sysproc64\sysproc32.sys.cla (Trojan.Agent) → No action taken.
C:\Program Files\btiicj\sijbsysguard.exe (Rogue.SysGuard) → No action taken.
C:\WINDOWS\syssvc.exe (Trojan.FakeAlert) → No action taken.
Thank you for your help, again. I got my laptop back up and running, Avast finished the scan identified a virus, i sent it to the chest and removed it but it keeps coming back. This is the second time i have this same virus, it disguises itself as an anti-virus program, and it is blocking all my apps. So I am virtually useless. Im not an expert but im not an idiot either, if someone can walk me through how to remove this, at least so i can get my files off the pc would be really appreciated.
I think the name of the file is “iehelper.dll”