Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help me about.Brontok.A

Started by mordecai , May 30 2008 12:37 PM

  • Please log in to reply

#16
mordecai
Posted 23 June 2008 - 06:01 AM

mordecai

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
here am some prolblems that am still haveing the internet exploer is acting up here is an example of what happens when i close it

problem_that_occours_when_shuting_down_internet_exploer.JPG
and the internet still is going slow

heres all of the thing thats you requested

http://www.megaupload.com/?d=MJAWC3MA that is the cureit file beacsue is it was too big to send

Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "C:\docume~1\morde\locals~1\temp\ssqrq.dll" not found!
Deletion of file "C:\docume~1\morde\locals~1\temp\ssqrq.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\documents and settings\morde\local settings\temp\malqbsgx.dll" deleted successfully.
File "C:\WINDOWS\bm3fdffbe8.xml" deleted successfully.
File "C:\WINDOWS\shellnew\bronstab.exe" deleted successfully.
File "C:\WINDOWS\tasks\at1.job" deleted successfully.
File "C:\Documents and Settings\virus clean\desktop\shortcut to ares.lnk" deleted successfully.
File "C:\Documents and Settings\virus clean\local settings\application data\bron.tok.a9.em.bin" deleted successfully.
File "C:\Documents and Settings\virus clean\local settings\application data\lsass.exe" deleted successfully.
File "C:\Documents and Settings\virus clean\local settings\application data\services.exe" deleted successfully.
File "C:\Documents and Settings\virus clean\local settings\application data\smss.exe" deleted successfully.
File "C:\Documents and Settings\virus clean\local settings\application data\winlogon.exe" deleted successfully.
File "C:\Documents and Settings\virus clean\start menu\programs\startup\empty.pif" deleted successfully.
File "c:\documents and settings\all users\application data\microsoft\network\downloader\qmgr0.dat" deleted successfully.
File "c:\documents and settings\all users\application data\microsoft\network\downloader\qmgr1.dat" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\ares" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-5" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\loc.mail.bron.tok" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\ok-sendmail-bron-tok" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


Explorer killed successfully
[Processes - Non-Microsoft Only]
Process winlogon.exe killed successfully.
C:\Documents and Settings\virus clean\Local Settings\Application Data\winlogon.exe moved successfully.
Process services.exe killed successfully.
C:\Documents and Settings\virus clean\Local Settings\Application Data\services.exe moved successfully.
Process lsass.exe killed successfully.
C:\Documents and Settings\virus clean\Local Settings\Application Data\lsass.exe moved successfully.
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BM3fdffbe8 deleted successfully.
File C:\Documents and Settings\Morde\Local Settings\Temp\malqbsgx.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Bron-Spizaetus deleted successfully.
C:\WINDOWS\ShellNew\bronstab.exe moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Tok-Cirrhatus deleted successfully.
C:\Documents and Settings\virus clean\Local Settings\Application Data\smss.exe moved successfully.
C:\Documents and Settings\virus clean\Start Menu\Programs\Startup\Empty.pif moved successfully.
File ~EmptyValue not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:Explorer.exe "C:\WINDOWS\eksplorasi.exe" deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E9A67D6-12B6-4F4E-B2AB-6ADC181D5AA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E9A67D6-12B6-4F4E-B2AB-6ADC181D5AA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{514A5C49-0C7D-42c3-A71B-38864A269B7A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{514A5C49-0C7D-42c3-A71B-38864A269B7A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6aa6ef62-4486-48b1-b537-02f4ee530301}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6aa6ef62-4486-48b1-b537-02f4ee530301}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B22464DD-8981-498B-A834-E39220C36CCC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B22464DD-8981-498B-A834-E39220C36CCC}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
[Registry - Additional Scans - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\DOCUME~1\Morde\LOCALS~1\Temp\ssqrq.dll deleted successfully.
File C:\DOCUME~1\Morde\LOCALS~1\Temp\ssqrq.dll not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Program Files\Ares\Ares.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Morde\My Documents\Ares\Ares.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Morde\My Documents\voeh\VeohClient.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\virus clean\Desktop\Ares.exe deleted successfully.
[Files/Folders - Created Within 30 days]
File C:\WINDOWS\BM3fdffbe8.xml not found!
C:\WINDOWS\WіnSxS folder moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
[Files Created - Additional Folder Scans - Non-Microsoft Only]
C:\Documents and Settings\virus clean\Local Settings\Application Data\Ares\Data folder moved successfully.
C:\Documents and Settings\virus clean\Local Settings\Application Data\Ares folder moved successfully.
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-5 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Loc.Mail.Bron.Tok not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Ok-SendMail-Bron-tok not found!
File C:\Documents and Settings\virus clean\Desktop\Shortcut to Ares.lnk not found!
C:\Program Files\Common Files\Оracle folder moved successfully.
[Files/Folders - Modified Within 30 days]
File C:\WINDOWS\BM3fdffbe8.xml not found!
File C:\WINDOWS\WіnSxS not found!
File C:\WINDOWS\tasks\At1.job not found!
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Ares not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-5 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok.A9.em.bin not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Loc.Mail.Bron.Tok not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Ok-SendMail-Bron-tok not found!
File C:\Documents and Settings\virus clean\Desktop\Shortcut to Ares.lnk not found!
File C:\Program Files\Common Files\Оracle not found!
[Extra Files]
< Purity >
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF8CAE.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.15.12 fix logfile created on 06192008_192932

Files moved on Reboot...
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
C:\Documents and Settings\virus clean\Local Settings\Temp\~DF8CAE.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

Attached Files


  • 0

Advertisements

#17
mordecai
Posted 23 June 2008 - 07:58 AM

mordecai

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
i also can not view the folder options in the control pannel and i cannot view the regedit because it say it has been disabled
  • 0

#18
OldTimer
Posted 23 June 2008 - 10:07 AM

OldTimer

    Global Moderator

  • Global Moderator
  • 3,273 posts
Hi mordecai. I've never seen a Curit log that big lol. We still have some things to remove:

Step #1

Please download The Avenger by Swandog46 to your Desktop.
  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
%userprofile%\local settings\application data\update.9.bron.tok.bin
%userprofile%\my documents\distrow brotonk.doc
Folders to delete:
%userprofile%\local settings\application data\bron.tok-9-10
%userprofile%\local settings\application data\bron.tok-9-11
%userprofile%\local settings\application data\bron.tok-9-12
%userprofile%\local settings\application data\bron.tok-9-13
%userprofile%\local settings\application data\bron.tok-9-14
%userprofile%\local settings\application data\bron.tok-9-15
%userprofile%\local settings\application data\bron.tok-9-16
%userprofile%\local settings\application data\bron.tok-9-17
%userprofile%\local settings\application data\bron.tok-9-18
%userprofile%\local settings\application data\bron.tok-9-19
%userprofile%\local settings\application data\bron.tok-9-6
%userprofile%\local settings\application data\bron.tok-9-9

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Now, start The Avenger program by clicking on its icon on your desktop.
  • Click in the window labeled Input Scrupt Here and paste the text copied to the clipboard into it by pressing (Ctrl+V).
  • Click the Execute button
  • Answer "Yes" twice when prompted.

The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

Step #2

Start OTScanIt. Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableCMD -> 0
[Files Created - Additional Folder Scans - Non-Microsoft Only]
NY -> Bron.tok-9-10 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-10
NY -> Bron.tok-9-11 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-11
NY -> Bron.tok-9-12 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-12
NY -> Bron.tok-9-13 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-13
NY -> Bron.tok-9-14 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-14
NY -> Bron.tok-9-15 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-15
NY -> Bron.tok-9-16 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-16
NY -> Bron.tok-9-17 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-17
NY -> Bron.tok-9-18 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-18
NY -> Bron.tok-9-19 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-19
NY -> Bron.tok-9-6 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-6
NY -> Bron.tok-9-9 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-9
NY -> Update.9.Bron.Tok.bin -> %UserProfile%\Local Settings\Application Data\Update.9.Bron.Tok.bin
NY -> Distrow brotonk.doc -> %UserProfile%\My Documents\Distrow brotonk.doc
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
NY -> Bron.tok-9-10 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-10
NY -> Bron.tok-9-11 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-11
NY -> Bron.tok-9-12 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-12
NY -> Bron.tok-9-13 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-13
NY -> Bron.tok-9-14 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-14
NY -> Bron.tok-9-15 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-15
NY -> Bron.tok-9-16 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-16
NY -> Bron.tok-9-17 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-17
NY -> Bron.tok-9-18 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-18
NY -> Bron.tok-9-19 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-19
NY -> Bron.tok-9-6 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-6
NY -> Bron.tok-9-9 -> %UserProfile%\Local Settings\Application Data\Bron.tok-9-9
NY -> Update.9.Bron.Tok.bin -> %UserProfile%\Local Settings\Application Data\Update.9.Bron.Tok.bin
NY -> Distrow brotonk.doc -> %UserProfile%\My Documents\Distrow brotonk.doc
[Empty Temp Folders]
[Start Explorer]

The fix should only take a very short time. When the fix is completed a message box will popup either telling you that it is finished, or that a reboot is needed to complete the fix. If the fix is complete, click the Ok button and Notepad will open with a log of actions taken during the fix. Post that log back here in your next reply.

If a reboot is required, click the "Yes" button to reboot the machine. After the reboot, OTScanIt will finish moving any files that could not be moved during the fix and NotePad will open with the final results at that time. Post that log back here in your next reply.

Step #3

Run a new OTScanIt scan with the following options

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

  • Close ALL OTHER PROGRAMS.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it and close Notepad (save changes if necessary).
  • Close OTScanIt and locate the OTScanIt.txt file in the folder where OTScanIt.exe is located.
  • Attach that file back here in your next reply.

Step #4

Copy/paste the following back here in your next reply:
  • The Avenger report (c:\Avenger.txt)
  • The latest OTScanIt fix log (look in the OTScanIt folder for the MovedFiles folder. In that folder will be a file with a name in the form of mmddyyyy_hhmmss.log for month, day, year, hours, minutes, and seconds that the scan was run. )

Attach the following back here in your next reply:
  • The new OTScanIt scan log

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
  • 0

#19
mordecai
Posted 23 June 2008 - 05:57 PM

mordecai

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Explorer killed successfully
[Registry - Non-Microsoft Only]
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableCMD deleted successfully.
[Files Created - Additional Folder Scans - Non-Microsoft Only]
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-10 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-11 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-12 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-13 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-14 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-15 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-16 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-17 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-18 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-19 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-6 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-9 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Update.9.Bron.Tok.bin not found!
File C:\Documents and Settings\virus clean\My Documents\Distrow brotonk.doc not found!
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-10 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-11 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-12 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-13 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-14 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-15 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-16 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-17 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-18 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-19 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-6 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Bron.tok-9-9 not found!
File C:\Documents and Settings\virus clean\Local Settings\Application Data\Update.9.Bron.Tok.bin not found!
File C:\Documents and Settings\virus clean\My Documents\Distrow brotonk.doc not found!
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF12BF.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF2269.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF22A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF6582.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\virus clean\Local Settings\Temp\~DF659A.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.15.12 fix logfile created on 06232008_211655

Files moved on Reboot...
C:\Documents and Settings\virus clean\Local Settings\Temp\~DF12BF.tmp moved successfully.
File C:\Documents and Settings\virus clean\Local Settings\Temp\~DF2269.tmp not found!
File C:\Documents and Settings\virus clean\Local Settings\Temp\~DF22A7.tmp not found!
File C:\Documents and Settings\virus clean\Local Settings\Temp\~DF6582.tmp not found!
File C:\Documents and Settings\virus clean\Local Settings\Temp\~DF659A.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Documents and Settings\virus clean\local settings\application data\update.9.bron.tok.bin" deleted successfully.
File "C:\Documents and Settings\virus clean\my documents\distrow brotonk.doc" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-10" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-11" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-12" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-13" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-14" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-15" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-16" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-17" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-18" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-19" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-6" deleted successfully.
Folder "C:\Documents and Settings\virus clean\local settings\application data\bron.tok-9-9" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
  • 0

#20
mordecai
Posted 23 June 2008 - 05:59 PM

mordecai

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
here is the ost scan report

Attached Files


Edited by mordecai, 23 June 2008 - 06:01 PM.

  • 0

#21
OldTimer
Posted 24 June 2008 - 10:53 AM

OldTimer

    Global Moderator

  • Global Moderator
  • 3,273 posts
Hi mordecai. Everything looks good at the moment. It does look like some cracked somftware was downloaded so if you get re-infected from that you are on your own.

Go ahead and run the system normally for a couple of days and then get back with me and let me know if there are any continuing issues. If everything is Ok at that time, then we have some final cleanup to do and you'll be good to go.

Cheers.

OT
  • 0

#22
mordecai
Posted 24 June 2008 - 12:56 PM

mordecai

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Thanks ever so much. i appreashate all the help u shold be expecting a donationtion from me as soon as possible :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP