Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Covered the steps, here's the hijack log

Started by Jeffmellinger , Mar 21 2005 12:07 AM

  • This topic is locked This topic is locked

#1
Jeffmellinger
Posted 21 March 2005 - 12:07 AM

Jeffmellinger

    Member

  • Member
  • PipPip
  • 11 posts
Ok. I've been using Adwarefilter for awhile and have been very clean until Friday night...don't know what happened, but TONS of malware/spyware just appeared. I didn't go to any sites I've never been to and I didn't open anything I know not to. Spent most of Saturday trying to rid the comp. Have Trend AV and Microsoft AntiSpyware now too. Still getting a few pop-ups: Partypoker, and the ironic ones that tell me I might have spyware (no kidding).
Here's the hijack log:
Logfile of HijackThis v1.99.0
Scan saved at 10:01:36 PM, on 3/20/2005
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\atiptaxx.exe
C:\WINNT\System32\desk95.exe
C:\WINNT\essspk.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AdwareFilter\AdwareFilter.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: AdwareFilter - {1028F737-81E7-452B-A860-E50CAD90A08C} - C:\Program Files\AdwareFilterToolBar\AdwareFilter.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [cd6rs9ix] C:\Program Files\cd6rs9ix\cd6rs9ix.exe
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINNT\System32\exp.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINNT\SysCheckBop32
O4 - HKLM\..\Run: [sys012654108] C:\WINNT\sys012654108.exe
O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\eliteeju32.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [sysmonnt] C:\WINNT\System32\sysmonnt
O4 - Startup: Netscp.lnk = C:\Program Files\Netscape\Netscape\Netscp.exe
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\AdwareFilter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\program files\partypoker\IEExtension.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Trend NT Realtime Service - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: ZESOFT - Unknown - C:\WINNT\zeta.exe (file missing)

thanks
jeff
  • 0

Advertisements

#2
Guest_thatman_*
Posted 24 March 2005 - 09:17 AM

Guest_thatman_*
  • Guest
Hi Jeffmellinger

Welcome to geekstogo!

Please read through the instructions before you start (you may want to print this out).

You are running an out-of-date version of HijackThis; can you please download a new copy (there is a link in my signature), unzip it, and replace your existing copy with the new version.

Download CW-Shredder at the link below: CWShredder

Run CWShredder to fix your CWS problem.

Please set your system to show all files; please see here if you're unsure how to do this.

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
O3 - Toolbar: AdwareFilter - {1028F737-81E7-452B-A860-E50CAD90A08C} - C:\Program Files\AdwareFilterToolBar\AdwareFilter.dll
O4 - HKLM\..\Run: [cd6rs9ix] C:\Program Files\cd6rs9ix\cd6rs9ix.exe
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINNT\System32\exp.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINNT\SysCheckBop32
O4 - HKLM\..\Run: [sys012654108] C:\WINNT\sys012654108.exe
O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\eliteeju32.exe
O4 - HKCU\..\Run: [sysmonnt] C:\WINNT\System32\sysmonnt
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O23 - Service: ZESOFT - Unknown - C:\WINNT\zeta.exe (file missing)
Click on Fix Checked when finished and exit HijackThis.

Reboot into Safe Mode: please see here if you are not sure how to do this.

Using Windows Explorer, locate the following files/folders, and delete them:

C:\Program Files\AdwareFilterToolBar <--Delete this folder
C:\Program Files\cd6rs9ix <--Delete this folder
C:\Documents and Settings\All Users\Application Data\msw <--Delete this folder
C:\WINNT\System32\exp.exe<--Delete this file
C:\WINNT\SysCheckBop32<--Delete this file
C:\WINNT\sys012654108.exe <--Delete this file
C:\winnt\system32\eliteeju32.exe <--Delete this file
C:\WINNT\System32\sysmonnt <--Delete this file
C:\WINNT\web\related.htm <--Delete this file
C:\WINNT\zeta.exe <--Delete this file

Exit Explorer,

Reboot into normal mode.

Please run the following free, online virus scans.
http://www.pandasoft...n_principal.htm
http://housecall.tre.../start_corp.asp

Please post the logs From both virus scans and HJT.log we will need them to remove previous infections that have left files on your system.

Kc :tazz:
  • 0

#3
Jeffmellinger
Posted 25 March 2005 - 01:58 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I DL'd a new hijack version. Ran CWShredder, it found nothing. Ran new Hijack. Put checkmarks and fixed everything I was told to. Went into safemode, deleted AdwareFilterToolbar folder, Cd6rs9ix folder, msw folder, elieteeju32.exe and related.htm. Those were the only ones listed that I found. Then I ran the Panda Scan, here are the results: Incident Status Location

Spyware:Spyware/New.net No disinfected C:\WINNT\NDNuninstall*.exe
Adware:Adware/SaveNow No disinfected Windows Registry
Adware:Adware/Sqwire No disinfected C:\WINNT\System32\tsuninst.exe
Spyware:Spyware/TVMedia No disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\sskknwrd.dll
Adware:Adware/IPInsight No disinfected C:\WINNT\inf\farmmext.inf
Adware:Adware/EliteBar No disinfected C:\WINNT\EliteSideBar
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\sskknwrd.dll
Adware:Adware/BTGrab No disinfected Windows Registry
Adware:Adware/Transponder No disinfected C:\WINNT\dlmax.dll
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\Jeff Mellinger\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-16c793ce.zip[InstallerApplet.class]
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\eibi.exe
Virus:Trj/Win.Bearded Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[beard.EXE]
Virus:W32/Happy Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~003295.@x@][Happy99.exe]
Virus:W32/Happy Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~009603.@x@][Happy99.exe]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~022790.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~022810.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~024582.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~024585.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~039395.txt]
Virus:W32/Klez.I Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[snoopy.bat]
Virus:W32/Sobig.E Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[your_details.zip][details.pif]
Virus:W32/Gibe.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[patch692.exe]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[movie0045.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[application.pif]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100569.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100591.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100609.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[diie.pif]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[installation9.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100614.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[fgvwyw.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[pack.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100620.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[eiijp.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100626.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[cvqpuat.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100627.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[fbld.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100628.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[ecys.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100629.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[azsxjg.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100630.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[beebed.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100631.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[flmueuf.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100636.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[haozxpa.exe]
Virus:W32/Sobig Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Untitled1.pif]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[NEUTRAL.bat]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100651.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[bapvgari.exe]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[enter.com]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[pack578.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Q374732.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100668.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[cxmuck.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[install384.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100693.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[hxsdpyad.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Install.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100698.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[ceho.scr]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[install.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Pack713.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100715.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[dkkqkly.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100734.@x@]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100738.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[dsoq.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100743.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[cukpw.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[UPGRADE.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[pack4634.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[install779.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100761.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[fyii.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100762.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[ceapjqkx.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100769.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[cstpva.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Patch154.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100777.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[ebqtsevc.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Q571865.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100804.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[cgze.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[patch661.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[Upgrade773.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100827.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[fnxjyxu.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100828.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[becau.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100829.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[dlvvs.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[~100830.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[gihvm.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Inbox[qegoi.exe]
Virus:Trj/Win.Bearded Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Sent[Beard.exe]
Virus:W32/Sobig.E Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.zip][details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[movie0045.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[movie0045.pif]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000172.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000177.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000184.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[diie.pif]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000185.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[fgvwyw.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000187.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[eiijp.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[pack.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[installation9.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000204.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[cvqpuat.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000205.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[fbld.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000206.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[ecys.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000207.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[azsxjg.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000208.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[beebed.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000209.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[flmueuf.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000210.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[haozxpa.exe]
Virus:W32/Sobig Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Untitled1.pif]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles&
  • 0

#4
Jeffmellinger
Posted 25 March 2005 - 02:05 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Apparently it wouldn't fit everything on that last post: Here is the remainder of the Panda Scan
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000219.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[bapvgari.exe]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[NEUTRAL.bat]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[pack578.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Q374732.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000230.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[cxmuck.exe]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[enter.com]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[install384.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000249.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[hxsdpyad.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Install.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000254.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[ceho.scr]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[install.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Pack713.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000267.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[dkkqkly.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000271.@x@]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Q162797.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Installation9.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000284.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[dsoq.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000285.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[cukpw.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[UPGRADE.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[pack4634.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[install779.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000298.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[fyii.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000299.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[ceapjqkx.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000300.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[cstpva.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Q935788.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Patch154.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000310.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[ebqtsevc.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Q571865.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000327.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[cgze.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[patch661.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[Upgrade773.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000337.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[fnxjyxu.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000338.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[becau.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000339.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[dlvvs.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[~000340.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[gihvm.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\astound.net\Trash[qegoi.exe]
Virus:Trj/Win.Bearded Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[beard.EXE]
Virus:W32/Happy Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~003295.@x@][Happy99.exe]
Virus:W32/Happy Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~009603.@x@][Happy99.exe]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~022790.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~022810.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~024582.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~024585.txt]
Virus:JS/Kak.Worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~039395.txt]
Virus:W32/Klez.I Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[snoopy.bat]
Virus:W32/Sobig.E Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[your_details.zip][details.pif]
Virus:W32/Gibe.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[patch692.exe]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[movie0045.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[application.pif]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100569.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100591.txt]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100609.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[diie.pif]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[installation9.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100614.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[fgvwyw.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[pack.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100620.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[eiijp.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100626.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[cvqpuat.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100627.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[fbld.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100628.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[ecys.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100629.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[azsxjg.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100630.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[beebed.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100631.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[flmueuf.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100636.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[haozxpa.exe]
Virus:W32/Sobig Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Untitled1.pif]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[NEUTRAL.bat]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100651.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[bapvgari.exe]
Virus:W32/Magistr.B Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[enter.com]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[pack578.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Q374732.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100668.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[cxmuck.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[install384.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100693.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[hxsdpyad.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Install.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100698.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[ceho.scr]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[install.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Pack713.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100715.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[dkkqkly.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100734.@x@]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100738.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[dsoq.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100743.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[cukpw.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[UPGRADE.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[pack4634.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[install779.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100761.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[fyii.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100762.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[ceapjqkx.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100769.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[cstpva.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Patch154.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100777.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[ebqtsevc.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Q571865.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100804.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[cgze.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[patch661.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Upgrade773.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100827.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[fnxjyxu.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100828.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[becau.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100829.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[dlvvs.exe]
Virus:Exploit/iFrame Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~100830.txt]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[gihvm.exe]
Virus:W32/Gibe.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[qegoi.exe]
Virus:W32/Mydoom.A.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[body.zip][body.pif]
Virus:W32/Mydoom.A.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[doc.scr]
Virus:W32/Mydoom.A.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[file.pif]
Virus:W32/Mydoom.A.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[text.exe]
Virus:W32/Mydoom.A.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[readme.pif]
Virus:W32/Bagle.C.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[baabaabcdc.zip][fucpvisj.exe]
Virus:W32/Bagle.J.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Information.pif]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Attach.zip]
Virus:W32/Bagle.J.worm Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Message.pif]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[TextFile.zip]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[TextDocument.zip]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Information.zip]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Attach.zip]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Readme.zip]
Virus:W32/Bagle.pwdzip Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[Message.zip]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~106866.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~106868.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~107819.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~107821.@x@]
  • 0

#5
Jeffmellinger
Posted 25 March 2005 - 02:06 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
More of the Panda Scan:

Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~108045.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~108125.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~108581.@x@]
Virus:Trj/Citifraud.A Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Inbox[~108583.@x@]
Virus:Trj/Win.Bearded Disinfected C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\Mail\mail.ca.astound.net\Sent[Beard.exe]
Adware:Adware/nCase No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\Del5A.tmp
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\GLFBDGLFBD.EXE
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\i169.tmp
Virus:Trj/TedapuNews.A Disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temporary Internet Files\Content.IE5\OFK503AD\winupdt[1].exe
Virus:Trj/Downloader.KW Disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temporary Internet Files\Content.IE5\OLQZKTQJ\mmviewer_101[1].cab
Adware:Adware/EliteBar No disinfected C:\WINNT\EliteToolBar\EliteToolBar version 59.dll
Adware:Adware/BTGrab No disinfected C:\WINNT\inf\btgrab.inf
Adware:Adware/IPInsight No disinfected C:\WINNT\inf\farmmext.inf
Adware:Adware/StartPage.DD No disinfected C:\WINNT\system32\eliteewz32.exe
Adware:Adware/StartPage.DD No disinfected C:\WINNT\system32\eliteggo32.exe
Adware:Adware/StartPage.DD No disinfected C:\WINNT\system32\elitekmz32.exe
Adware:Adware/Startpage.CM No disinfected C:\WINNT\system32\elitemik32.exe
Adware:Adware/StartPage.DD No disinfected C:\WINNT\system32\elitessp32.exe
Spyware:Spyware/ISTbar No disinfected C:\WINNT\system32\tsuninst.exe
Virus:Trj/Win.Bearded Disinfected D:\C drive stuff\Netscape from C\Inbox[beard.EXE]
Virus:W32/Happy Disinfected D:\C drive stuff\Netscape from C\Inbox[~003295.@x@][Happy99.exe]
Virus:W32/Happy Disinfected D:\C drive stuff\Netscape from C\Inbox[~009603.@x@][Happy99.exe]
Virus:JS/Kak.Worm Disinfected D:\C drive stuff\Netscape from C\Inbox[~022790.txt]
Virus:JS/Kak.Worm Disinfected D:\C drive stuff\Netscape from C\Inbox[~022810.txt]
Virus:JS/Kak.Worm Disinfected D:\C drive stuff\Netscape from C\Inbox[~024582.txt]
Virus:JS/Kak.Worm Disinfected D:\C drive stuff\Netscape from C\Inbox[~024585.txt]
Virus:JS/Kak.Worm Disinfected D:\C drive stuff\Netscape from C\Inbox[~039395.txt]
Virus:W32/Klez.I Disinfected D:\C drive stuff\Netscape from C\Inbox[snoopy.bat]
Virus:W32/Sobig.E Disinfected D:\C drive stuff\Netscape from C\Inbox[your_details.zip][details.pif]
Virus:W32/Gibe.B Disinfected D:\C drive stuff\Netscape from C\Inbox[patch692.exe]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[movie0045.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[document_9446.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Inbox[application.pif]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100569.txt]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100591.txt]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100609.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[diie.pif]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[installation9.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100614.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[fgvwyw.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[pack.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100620.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[eiijp.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100626.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[cvqpuat.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100627.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[fbld.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100628.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[ecys.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100629.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[azsxjg.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100630.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[beebed.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100631.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[flmueuf.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100636.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[haozxpa.exe]
Virus:W32/Sobig Disinfected D:\C drive stuff\Netscape from C\Inbox[Untitled1.pif]
Virus:W32/Magistr.B Disinfected D:\C drive stuff\Netscape from C\Inbox[NEUTRAL.bat]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100651.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[bapvgari.exe]
Virus:W32/Magistr.B Disinfected D:\C drive stuff\Netscape from C\Inbox[enter.com]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[pack578.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Q374732.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100668.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[cxmuck.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[install384.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100693.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[hxsdpyad.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Install.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100698.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[ceho.scr]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[install.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Pack713.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100715.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[dkkqkly.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100734.@x@]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100738.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[dsoq.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100743.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[cukpw.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[UPGRADE.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[pack4634.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[install779.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100761.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[fyii.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100762.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[ceapjqkx.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100769.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[cstpva.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Patch154.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100777.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[ebqtsevc.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Q571865.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100804.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[cgze.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[patch661.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[Upgrade773.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100827.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[fnxjyxu.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100828.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[becau.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100829.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[dlvvs.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Inbox[~100830.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[gihvm.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Inbox[qegoi.exe]
Virus:Trj/Win.Bearded Disinfected D:\C drive stuff\Netscape from C\Sent[Beard.exe]
Virus:W32/Sobig.E Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.zip][details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[movie0045.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_9446.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_9446.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[thank_you.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[document_all.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_details.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[wicked_scr.scr]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[your_document.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[application.pif]
Virus:W32/Sobig.F Disinfected D:\C drive stuff\Netscape from C\Trash[movie0045.pif]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000172.txt]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000177.txt]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000184.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[diie.pif]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000185.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[fgvwyw.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000187.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[eiijp.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[pack.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[installation9.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000204.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[cvqpuat.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000205.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[fbld.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000206.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[ecys.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000207.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[azsxjg.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000208.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[beebed.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000209.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[flmueuf.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000210.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[haozxpa.exe]
Virus:W32/Sobig Disinfected D:\C drive stuff\Netscape from C\Trash[Untitled1.pif]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[INSTALLER3.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000219.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[bapvgari.exe]
Virus:W32/Magistr.B Disinfected D:\C drive stuff\Netscape from C\Trash[NEUTRAL.bat]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[pack578.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Q374732.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000230.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[cxmuck.exe]
Virus:W32/Magistr.B Disinfected D:\C drive stuff\Netscape from C\Trash[enter.com]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[install384.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000249.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape f
  • 0

#6
Jeffmellinger
Posted 25 March 2005 - 02:08 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Alrighty then, here is the LAST bit of the Panda Scan:
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[hxsdpyad.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Install.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000254.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[ceho.scr]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[install.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Pack713.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000267.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[dkkqkly.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000271.@x@]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Q162797.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Installation9.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000284.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[dsoq.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000285.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[cukpw.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[UPGRADE.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[pack4634.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[install779.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000298.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[fyii.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000299.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[ceapjqkx.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000300.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[cstpva.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Q935788.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Patch154.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000310.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[ebqtsevc.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Q571865.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000327.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[cgze.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[patch661.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[Upgrade773.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000337.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[fnxjyxu.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000338.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[becau.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000339.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[dlvvs.exe]
Virus:Exploit/iFrame Disinfected D:\C drive stuff\Netscape from C\Trash[~000340.txt]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[gihvm.exe]
Virus:W32/Gibe.C.worm Disinfected D:\C drive stuff\Netscape from C\Trash[qegoi.exe]
Virus:Trj/Downloader.AXU Disinfected H:\downloads\JackSchitt.exe
  • 0

#7
Jeffmellinger
Posted 25 March 2005 - 02:11 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
So the Panda Scan is pretty long. However, it messed up my email!! I had 19,000 in my inbox now there are 224,000! It made about 6 copies of EVERY email! There are a bunch of garbage emails in there now with just jibberish too. Tell me you can help me return it to normal.

Finally, I tried running the Trend Micro Housecall but it kept telling me it couldn't find Netscape's plug-in directory even though I told it exactly where it was.

Here is the latest Hijackthis log.
Logfile of HijackThis v1.99.1
Scan saved at 11:50:50 AM, on 3/25/2005
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\atiptaxx.exe
C:\WINNT\System32\desk95.exe
C:\WINNT\essspk.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\AdwareFilter\AdwareFilter.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system32\ntvdm.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\eliteeju32.exe
O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program Files\Microsoft AntiSpyware\gcASCleaner.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Startup: Netscp.lnk = C:\Program Files\Netscape\Netscape\Netscp.exe
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\AdwareFilter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe

Jeff
  • 0

#8
Guest_thatman_*
Posted 25 March 2005 - 02:19 PM

Guest_thatman_*
  • Guest
Hi Jeffmellinger

That was some list off virus/trojans

Reboot into safemode

Using Windows Explorer delete the following files and folders.

C:\WINNT\NDNuninstall*.exe<--Delete this file
C:\WINNT\System32\tsuninst.exe<--Delete this file
C:\Documents and Settings\Jeff Mellinger\Application Data\sskknwrd.dll<--Delete this file
C:\WINNT\inf\farmmext.inf<--Delete this file
C:\WINNT\EliteSideBar<--Delete the whole folder
C:\Documents and Settings\Jeff Mellinger\Application Data\sskknwrd.dll<--Delete this file
C:\WINNT\dlmax.dll<--Delete this file
C:\Documents and Settings\Jeff Mellinger\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-16c793ce.zip<--Delete this file
C:\Documents and Settings\Jeff Mellinger\Application Data\eibi.exe<--Delete this file

Reboot your Pc.

Please run the following free, online virus scans.
http://www.pandasoft...n_principal.htm

Please post the logs From PANDA virus scan and HJT.log we will need them to remove previous infections that have left files on your system.

Kc :tazz:
  • 0

#9
Jeffmellinger
Posted 25 March 2005 - 03:06 PM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Ok, went into safemode, deleted all those files.

I would like to fix my email. It is a mess. Can you help with that? I don't understand why Panda would scan it and then jumble it all up like that. I've got a lot of important back emails in there that I would like to remain intact.

thanks for the help
Jeff
  • 0

#10
Guest_thatman_*
Posted 25 March 2005 - 11:57 PM

Guest_thatman_*
  • Guest
Hi Jeffmellinger

You forgot to post the logs

Panda and HJT.logs Please

Kc :tazz:
  • 0

#11
Jeffmellinger
Posted 26 March 2005 - 02:01 AM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Sorry about that
Here is the hijack log
Logfile of HijackThis v1.99.1
Scan saved at 11:52:45 PM, on 3/25/2005
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\atiptaxx.exe
C:\WINNT\System32\desk95.exe
C:\WINNT\essspk.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AdwareFilter\AdwareFilter.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WWW.ESPN.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.yahoo.com"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\default\ckq6lrhg.slt\prefs.js)
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\eliteeju32.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Startup: Netscp.lnk = C:\Program Files\Netscape\Netscape\Netscp.exe
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\AdwareFilter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe

Here is the 2nd Panda Scan results:
ncident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Adware:Adware/IPInsight No disinfected C:\WINNT\farmmext.ini
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temporary Internet Files\Ssk.log
Adware:Adware/BTGrab No disinfected Windows Registry
Adware:Adware/nCase No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\Del5A.tmp
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\GLFBDGLFBD.EXE
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Jeff Mellinger\Local Settings\Temp\i169.tmp
Spyware:Spyware/ISTbar No disinfected C:\RECYCLER\S-1-5-21-776561741-789336058-1708537768-1000\Dc12.zip[InstallerApplet.class]
Adware:Adware/IPInsight No disinfected C:\RECYCLER\S-1-5-21-776561741-789336058-1708537768-1000\Dc6.inf
Spyware:Spyware/ISTbar No disinfected C:\RECYCLER\S-1-5-21-776561741-789336058-1708537768-1000\Dc7.exe
Adware:Adware/PurityScan No disinfected C:\RECYCLER\S-1-5-21-776561741-789336058-1708537768-1000\Dc9.exe
Adware:Adware/BTGrab No disinfected C:\WINNT\inf\btgrab.inf

Obviously much better, but if my email is going to remain this way, I'd have to say I'd rather not have ran the Panda Scan in the first place. I emailed the Panda Tech Support and they said to "remove all of those infected emails and run the scan again". well I deleted the funky ones that had senders/subjects I'd never seen before and were listed as new (does panda group infected emails like that) but it still lists 224,000+ as number of emails when it should be abotu 19,000. All the senders and subjects and dates are still there but 2/3 of the emails are blank. The remaining are either correct or just contain garbage like this:
<TR>
<TD><IMG height=1 src="http://images.ed4.ne...09_b1g3/px.gif" width=40></TD>
<TD><BR>
<FONT face="verdana, arial, helvetica, sans-serif" c
  • 0

#12
Jeffmellinger
Posted 26 March 2005 - 02:11 AM

Jeffmellinger

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
One other thing
I looked at the folder that contains my Inbox file and there are now TWO inbox files which look as follows:
1) C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\Default\ckq6lrhg.slt\Mail\Astound.net
This one states that it's size is 353,129KB and last modified 3/25/2005 1:51am (around the time the Panda Scan would have ended because I let it scan while I went to sleep)
2) C:\Documents and Settings\Jeff Mellinger\Application Data\Mozilla\Profiles\Default\ckq6lrhg.slt\Mail\mail.ca.astound.net
This one states that it's size is 522,688KB and last modified 3/25/2005 11:51pm...which is the last time I checked and received new email....

Does it appear one was created immediately following the scan and is now in use as the current file (the one with all the blanks and messed up emails)?
  • 0

#13
Guest_thatman_*
Posted 26 March 2005 - 04:07 AM

Guest_thatman_*
  • Guest
Hi Jeffmellinger

Welcome to geekstogo

You complain about losing important e-mails, think about the people you have infected.
Every e-mail sent from your system had infected those people, are you going to inform them that your system was full off viruses and they need to get help from a forum like this. And for every one you have contacted when they reply back to you, your system will be infected again with viruses. This is just a merry go round.
How can you say Panda infected me that is not the case Panda scan has cleaned out the Malware on your system

Please read through the instructions before you start (you may want to print this out).

Please set your system to show all files; please see here if you're unsure how to do this.

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:
O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\eliteeju32.exe
Click on Fix Checked when finished and exit HijackThis.

Reboot into Safe Mode: please see here if you are not sure how to do this.

Using Windows Explorer, locate the following files/folders, and delete them:
C:\winnt\system32\eliteeju32.exe<--Delete this file
C:\WINNT\inf\btgrab.inf<--Delete this file
C:\WINNT\farmmext.ini<--Delete this file
C:\WINNT\system32\eliteewz32.exe<--Delete this file
C:\WINNT\system32\eliteggo32.exe<--Delete this file
C:\WINNT\system32\elitekmz32.exe<--Delete this file
C:\WINNT\system32\elitemik32.exe<--Delete this file
C:\WINNT\system32\elitessp32.exe<--Delete this file
C:\WINNT\system32\tsuninst.exe<--Delete this file
C:\WINNT\NDNuninstall*.exe<--Delete this file
C:\WINNT\System32\tsuninst.exe<--Delete this file
C:\WINNT\EliteSideBar<--Delete this whole folder
C:\WINNT\dlmax.dll<--Delete this file

Exit Explorer.

If you were unable to find any of the files then please follow these additional instructions:
Download Pocket Killbox and unzip it; save it to your Desktop.
Run killbox and click the radio button that says Delete a file on reboot. For each of the files you could not delete, paste them one at a time into the full path of file to delete box and click the red circle with a white cross in it.
The program will ask you if you want to reboot; say No each time until the last one has been pasted in whereupon you should answer Yes.
Let the system reboot.
C:\winnt\system32\eliteeju32.exe
C:\WINNT\inf\btgrab.inf
C:\WINNT\farmmext.ini
C:\WINNT\inf\[b]btgrab.inf
C:\WINNT\inf\[b]farmmext.inf
C:\WINNT\system32\eliteewz32.exe
C:\WINNT\system32\eliteggo32.exe
C:\WINNT\system32\elitekmz32.exe
C:\WINNT\system32\elitemik32.exe
C:\WINNT\system32\elitessp32.exe
C:\WINNT\system32\tsuninst.exe
C:\WINNT\NDNuninstall*.exe
C:\WINNT\System32\tsuninst.exe
C:\WINNT\EliteSideBar
C:\WINNT\dlmax.dll
End off killbox files


Post back a fresh HijackThis log and we will take another look.

Kc :tazz:
  • 0

#14
Guest_thatman_*
Posted 15 April 2005 - 11:18 AM

Guest_thatman_*
  • Guest
No reply from user

Topic closed

Kc
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP