Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

need tool for removing win32/spaxlgeneric

Started by sailorboo , Feb 12 2007 03:49 PM

  • This topic is locked This topic is locked

#1
sailorboo
Posted 12 February 2007 - 03:49 PM

sailorboo

    Member

  • Member
  • PipPip
  • 10 posts
i hope i am in the right place i have the trojan win32/spax in my computer. can any one help me please if i posted this in the wrong place i am sorry new to this stuff thanks
  • 0

Advertisements

#2
Flrman1
Posted 12 February 2007 - 05:10 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Hi sailorboo

Welcome to GTG! :whistling:

Please do this:

* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
* Also please post an uninstall list for me using the HijackThis Uninstall Manager:
  • Open HijackThis and click on the Open the Misc Tools section button.
  • Click on the Open Uninstall Manager button.
  • Click the Save List button.
  • After you click the "Save List" button, you will be asked where to save the file.
  • Pick a place to save it then the list should open in notepad.
  • Copy and paste that list in your next reply to this thread.

  • 0

#3
sailorboo
Posted 13 February 2007 - 09:17 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Logfile of HijackThis v1.99.1
Scan saved at 10:12:50 AM, on 2/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Video ActiveX Object\pmsngr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Video ActiveX Object\pmmon.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Desktop\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Bell\Security Manager\FBHR.dll
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video ActiveX Object\isaddon.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1159885585170
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai...l/installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F50279E-3570-4F80-92FF-09705CCEAB4E}: NameServer = 206.47.244.50 206.47.244.91
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: eupeptic - {8670ee50-01f9-47da-ac1e-cf8549e9e521} - C:\WINDOWS\system32\axlet.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Manager Firewall (RP_FWS) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\fws.exe
  • 0

#4
sailorboo
Posted 13 February 2007 - 11:41 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
thanks for the help on this site by doing alot of reading and looking around on this site i found out what to do and the bugs seem to be all out of the computer thanks to all of you
  • 0

#5
Flrman1
Posted 13 February 2007 - 07:56 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
I realize that you think everything is clean, but in most cases there are leftover files and registry entries that need cleaning. I don't know exactly what you have already done so please bear with me and follow the directions below. I want to be certain that you are indeed clean before I send you on your way.

You definitely have an outdated version of Java installed and you may have more than one old vulnerable version installed so that needs to be dealt with. The best way for me to help you with that and posiibly other issues is to see the uninstall list that I asked you to post in my first post. Please post that uninstall list for me now:

* Post an uninstall list for me using the HijackThis Uninstall Manager:
  • Open HijackThis and click on the Open the Misc Tools section button.
  • Click on the Open Uninstall Manager button.
  • Click the Save List button.
  • After you click the "Save List" button, you will be asked where to save the file.
  • Pick a place to save it then the list should open in notepad.
  • Copy and paste that list in your next reply to this thread.
*** Before you post that uninstall list, go ahead and do the following:

* Click here to download SmitfraudFix.zip and save it to your desktop.
  • Unzip (extract) the contents of SmitfraudFix.zip to a new SmitfraudFix folder on your desktop.
  • Open the SmitfraudFix folder and double-click the smitfraudfix.cmd file.
  • Select option #1 - Search by typing 1 and press "Enter"
  • A text file will appear, which lists the infected files that it finds, if any.
  • Copy and paste the contents of that report into your next reply to this thread.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.


* Run ActiveScan online virus scan here

When the scan is finished, click on the "Save Report" button an save the results of the scan to your desktop.

Note: You have to use Internet Explorer to do the online scan.

Come back to this thread and post the following logs:
A new HiJackThis log
The results from ActiveScan
The Uninstall List
  • 0

#6
sailorboo
Posted 14 February 2007 - 12:06 PM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
SmitFraudFix v2.141

Scan done at 13:05:05.12, Wed 02/14/2007
Run from C:\Documents and Settings\Randy\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Randy


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Randy\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Randy\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
  • 0

#7
sailorboo
Posted 14 February 2007 - 12:09 PM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Incident Status Location

Adware:adware/azesearch Not disinfected C:\Documents and Settings\Randy\Favorites\pharmacy\[bleep] Enlargement.url
Adware:adware/cws Not disinfected C:\Documents and Settings\Randy\Favorites\-Autos-
Adware:Adware/DownloadWare Not disinfected C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\updD.tmp[NE.dll]
Adware:Adware/WinTools Not disinfected C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~536898.tmp
Adware:Adware/WinTools Not disinfected C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~547882.tmp
Adware:Adware/WinTools Not disinfected C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~583383.tmp
Adware:Adware/WinTools Not disinfected C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~596372.tmp
Spyware:Cookie/Atlas DMT Not disinfected C:\Backup\Documents and Settings\RANDY\Cookies\[email protected][2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Bailey\Cookies\[email protected][2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Jane\Cookies\[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Jane\Cookies\[email protected][1].txt
Hacktool:Exploit/Metafile Not disinfected C:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\CLE5ZWH9\xpladv605[1].wmf
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Randy\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Randy\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Randy\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Randy\Desktop\smitRem.exe[smitRem/Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Randy\Desktop\VirtumundoBeGone.exe[²ƒÇ]
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Abetterinternet Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/GoClick Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/CentrPort Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Twain-Tech Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Go Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Hitbox Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Internetfuel Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Maxserving Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/QkSrv Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/WUpd Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Rn11 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Santa Monica networks inc Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Tickle Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/Advnt Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Eyeblaster Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/X10 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Adserver Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][2].txt
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc1\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][3].txt
Spyware:Cookie/AdDynamix Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Falkag Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Atwola Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/bravenetA Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/BurstNet Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/GoClick Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/GoStats Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Ccbill Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/CentrPort Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][4].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][6].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Go Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Kmpads Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/WegCash Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/WUpd Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Rn11 Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Searchportal Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/onestat.com Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Tickle Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/Tucows Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/WebPower Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Adserver Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\S-1-5-21-1801674531-1645522239-682003330-1006\Dc2\[email protected][1].txt
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020941.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020942.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020950.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020951.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP195\A0021092.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP195\A0021093.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021114.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021115.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021133.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021134.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021147.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021153.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021168.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021169.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022168.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022169.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022183.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022184.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP199\A0022193.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP199\A0022194.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP200\A0022207.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP200\A0022208.exe
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022222.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022223.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022232.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023231.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023232.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023242.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023243.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024242.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024243.exe
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024253.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0025253.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0025254.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP208\A0025266.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP208\A0025267.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0025316.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0025317.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026322.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026323.exe
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026324.exe
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026331.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026332.dll
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026342.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026348.exe
Adware:Adware/VideoActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026357.dll
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026358.exe
Adware:Adware/ImageActiveXObject Not disinfected C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026359.exe
  • 0

#8
sailorboo
Posted 14 February 2007 - 12:11 PM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.8
Adobe Shockwave Player
ATI Display Driver
Creative Mass Storage Drivers
Google Toolbar for Internet Explorer
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
J2SE Runtime Environment 5.0 Update 6
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
MSXML 4.0 SP2 (KB927978)
Panda ActiveScan
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Sympatico Security Advisor 1.4.10
Sympatico Security Manager
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB931836)
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
Yahoo! extras
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
  • 0

#9
Flrman1
Posted 14 February 2007 - 07:27 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Go to Add/Remove programs and uninstall this old version of Java:

J2SE Runtime Environment 5.0 Update 6


* Click here to download ATF Cleaner by Atribune and save it to your desktop.


* Click Here and download Killbox and save it to your desktop.


* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Double-click on Killbox.exe to run it.
  • Put a tick by Standard File Kill.
  • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

    C:\Documents and Settings\Randy\Favorites\pharmacy\[bleep] Enlargement.url

    C:\Documents and Settings\Randy\Favorites\-Autos-

  • Click on the button that has the red circle with the X in the middle after you enter each file.
  • It will ask for confimation to delete the file.
  • Click Yes.
  • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
  • Killbox may tell you that one or more files do not exist.
  • If that happens, just continue on with all the files. Be sure you don't miss any.
  • Exit the Killbox.
* Run ATF Cleaner:
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
  • If you use Firefox:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
[*]Click Exit on the Main menu to close the program.
[/list]* Restart back into Windows normally now.


* Go here and do the BitDefender online virus scan.
  • Click "I Agree" to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click "Click here to scan" to begin the scan.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on "Click here to export the scan results"
  • Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..

  • 0

#10
Flrman1
Posted 14 February 2007 - 07:29 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
I had to edit my post. Please check it again before you proceed.
  • 0

Advertisements

#11
sailorboo
Posted 15 February 2007 - 08:15 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
BitDefender Online Scanner



Scan report generated at: Thu, Feb 15, 2007 - 09:07:56





Scan path: A:\;C:\;D:\;E:\;







Statistics

Time
01:02:48

Files
205180

Folders
5592

Boot Sectors
3

Archives
2534

Packed Files
9657




Results

Identified Viruses
3

Infected Files
50

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
50




Engines Info

Virus Definitions
421191

Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~536898.tmp
Infected with: Trojan.Wintools.J

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~536898.tmp
Disinfection failed

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~536898.tmp
Deleted

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~547882.tmp
Infected with: Trojan.Wintools.J

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~547882.tmp
Disinfection failed

C:\Backup\Documents and Settings\BAILEY\Local Settings\Temp\~547882.tmp
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000450.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000450.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000450.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000474.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000474.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000474.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000477.dll
Infected with: Trojan.FakeAlert.AO

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000477.dll
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000477.dll
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000479.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000479.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP23\A0000479.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP3\A0000008.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP3\A0000008.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}\RP3\A0000008.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020942.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020942.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020942.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020951.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020951.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\Fifoed\A0020951.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP195\A0021093.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP195\A0021093.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP195\A0021093.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021115.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021115.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021115.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021134.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021134.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP196\A0021134.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021153.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021153.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021153.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021169.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021169.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP197\A0021169.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022169.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022169.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022169.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022184.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022184.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP198\A0022184.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP199\A0022194.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP199\A0022194.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP199\A0022194.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP200\A0022208.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP200\A0022208.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP200\A0022208.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022222.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022222.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022222.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022232.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022232.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP205\A0022232.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023232.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023232.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023232.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023243.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023243.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0023243.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024243.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024243.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024243.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024253.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024253.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0024253.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0025254.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0025254.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP206\A0025254.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP208\A0025267.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP208\A0025267.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP208\A0025267.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0025317.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0025317.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0025317.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026323.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026323.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026323.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026331.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026331.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026331.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026348.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026348.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP213\A0026348.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026358.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026358.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP214\A0026358.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026371.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026371.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026371.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026385.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026385.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP215\A0026385.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026392.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026392.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026392.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026402.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026402.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP216\A0026402.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP217\A0026422.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP217\A0026422.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP217\A0026422.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026471.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026471.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026471.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026480.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026480.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026480.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026494.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026494.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026494.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026509.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026509.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP219\A0026509.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027513.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027513.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027513.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027521.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027521.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP220\A0027521.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027570.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027570.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027570.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027605.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027605.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027605.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027614.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027614.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP221\A0027614.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP222\A0027636.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP222\A0027636.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP222\A0027636.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028636.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028636.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028636.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028650.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028650.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028650.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028659.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028659.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028659.exe
Deleted

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028675.exe
Infected with: Trojan.Zlob.2.Gen

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028675.exe
Disinfection failed

C:\System Volume Information\_restore{4357F834-276B-4FBF-856E-732FDC3AA0FA}(2)\RP223\A0028675.exe
Deleted
  • 0

#12
sailorboo
Posted 15 February 2007 - 08:16 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Logfile of HijackThis v1.99.1
Scan saved at 9:15:58 AM, on 2/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bell\Security Manager\Rps.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Documents and Settings\All Users\Desktop\Hijackthis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Security Manager\pkR.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Bell\Security Manager\FBHR.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Security Manager] "C:\Program Files\Bell\Security Manager\Rps.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1159885585170
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai...l/installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F50279E-3570-4F80-92FF-09705CCEAB4E}: NameServer = 206.47.244.50 206.47.244.91
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Manager Firewall (RP_FWS) - Radialpoint Inc. - C:\Program Files\Bell\Security Manager\fws.exe
  • 0

#13
sailorboo
Posted 15 February 2007 - 08:25 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
i hope this helps you i am not good at this stuff but still trying thanks for all the help so far .my windows defender needs to be reset i tryed to do it but with no luck any help on that would be a great help. and again thanks for everything you are doing for me. :whistling:
  • 0

#14
Flrman1
Posted 15 February 2007 - 06:42 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
You should be good to go now as far as the malware goes.

What do you mean "my windows defender needs to be reset"? I have no idea what this means.
  • 0

#15
sailorboo
Posted 16 February 2007 - 04:38 AM

sailorboo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
when i start up the computer a box come's up and say that windows defender is not running and to shut down and restart but that way does not work. or to reset it manually but i can not find how to reset it manually. and thank you for all the help you gave me.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP