| 1. |
Solve : error message on start up screen? |
|
Answer» Found the following error message:

Error loading C:\WINDOWS\oteqageteyojomuc.dll
The specified module could not be found

Paste the following logs for your inspection:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 02/16/2011 at 03:27 PM
Application Version : 4.48.1000
Core Rules Database Version : 6415
Trace Rules Database Version: 4227
Scan type : Complete Scan
Total Scan Time : 00:48:04
Memory items scanned : 358
Memory threats detected : 0
Registry items scanned : 8165
Registry threats detected : 3
File items scanned : 74731
File threats detected : 83

Adware.Tracking Cookie

Backdoor.Bot[ZBot]
HKU\S-1-5-21-1454471165-1788223648-725345543-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7}

Malware.Trace
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5706
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/16/2011 4:02:13 PM
mbam-log-2011-02-16 (16-02-13).txt
Scan type: Full scan (C:\|)
Objects scanned: 207927
Time elapsed: 20 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\adShotHlpr.adShotHlpr (Adware.Adrotator) -> Delete on reboot.
HKEY_CLASSES_ROOT\adShotHlpr.adShotHlpr.1.0 (Adware.Adrotator) -> Delete on reboot.
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)

Please help. Thank you.

I'm required to give you this information.
One or more of the identified infections is a backdoor trojan. (And, it appears that it could be on all accounts.) This allows hackers to remotely control your computer, steal critical system information and download and execute files.

Read this article: Danger: Remote Access Trojans.

If your computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one! If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach.

I would counsel you to disconnect this PC from the Internet immediately.

Though the Trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS.

Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall?

We can attempt to clean this machine but I can't guarantee that it will be 100% secure afterwards. Should you have any questions, please feel free to ask. Please let us know what you have decided to do in your next post.

Thank you for your help. I will take your advice and act accordingly. |
|