MSIV root virus?

I

icemike

New member
Hi guys I've followed the guide on removing rootkit virus and how to manually remove malaware. I've also tried installing programs like hijack this and spybot and everytime I come to do this I get BSOD. Same applies to when i start scanning with avg? Superantispyware won't even start up anymore!?

Not sure how I got this but i have an idea it might have been through a script one of my work peers put on my laptop. I use autocad and we rely heavly on scripts for design work. Would be much help if anyone can advise on me what to do.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Requested file archive at 13/06/2009 01:15:18
Created by RootAlyzer
Copyright © 2004-2009 Safer-Networking Limited. All rights reserved.

File, Invisible to Win32: C:\WINDOWS\System32\MSIVXcount
File, Invisible to Win32: C:\WINDOWS\System32\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
File, Invisible to Win32: C:\WINDOWS\System32\MSIVXopneldfwbkqobowtjpgeduimiobybgtl.dll
File, Invisible to Win32: C:\WINDOWS\System32\drivers\MSIVXmfasbqwbmebrvfvioxdxfnvocoqaxpdu.sys
File, Invisible to Win32: C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXcount
File, Invisible to Win32: C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
Folder, No admin in ACL: C:\Users\All Users\Microsoft\OFFICE\DATA
File, No admin in ACL: C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK
File, No admin in ACL: C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat
Folder, No admin in ACL: C:\ProgramData\Microsoft\OFFICE\DATA
File, Invisible to Win32: C:\Program Files\MSIVXcount

Requests:
C:\WINDOWS\System32\MSIVXcount
C:\WINDOWS\System32\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
C:\WINDOWS\System32\MSIVXopneldfwbkqobowtjpgeduimiobybgtl.dll
C:\WINDOWS\System32\drivers\MSIVXmfasbqwbmebrvfvioxdxfnvocoqaxpdu.sys
C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXcount
C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
C:\Users\All Users\Microsoft\OFFICE\DATA\*.*
C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK
C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat
C:\ProgramData\Microsoft\OFFICE\DATA\*.*
C:\Program Files\MSIVXcount

Operations:
+ added: C:\WINDOWS\System32\MSIVXcount
+ added: C:\WINDOWS\System32\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
+ added: C:\WINDOWS\System32\MSIVXopneldfwbkqobowtjpgeduimiobybgtl.dll
+ added: C:\WINDOWS\System32\drivers\MSIVXmfasbqwbmebrvfvioxdxfnvocoqaxpdu.sys
+ added: C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXcount
+ added: C:\Users\Michael\AppData\Local\Temp\_tc\MSIVXkfjefjjurxdutmyxnveavvljmarkpqmx.dll
+ added: C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK
+ added: C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat
+ added: C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK
+ added: C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat
+ added: C:\ProgramData\Microsoft\OFFICE\DATA\OPA12.BAK
+ added: C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat
+ added: C:\Program Files\MSIVXcount
 
Hi icemike

Please rename HijackThis installer.

If you are able to install HijackThis, please rename HijackThis executable if it doesn't run.
 
Due to the lack of feedback this Topic is closed.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.
 
You must log in or register to reply here.
Back
Top