
AntiVirus XP 2008 - Please HELP! [CLOSED]



#16
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello Yooniexchic,

No problem, we have a number of alternatives. Here is one. Let's try it and see how you go.

For what it's worth I don't think this is Kaspersky's fault. It could be a conflict but it could also be malware interfering.

Panda only works if you are using Internet Explorer.

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report.


#17
Yooniexchic


    Member

  • Topic Starter
  • Member
  • 11 posts
Hiii!
Here is the Panda ActiveScan results:

;*******************************************************************************
ANALYSIS: 2008-08-29 12:11:36
PROTECTIONS: 1
MALWARE: 11
SUSPECTS: 5
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
Kaspersky Anti-Virus 8.0.0.454 No Yes
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Cookies\[email protected][2].txt
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Software\SDFix.exe[C:\Software\SDFix.exe][SDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe[C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe][SmitfraudFix\Process.exe]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Cookies\[email protected][2].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Application Data\Mozilla\Firefox\Profiles\evx9vdkf.default\cookies.txt[.did-it.com/]
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Application Data\Mozilla\Firefox\Profiles\evx9vdkf.default\cookies.txt[.did-it.com/]
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Application Data\Mozilla\Firefox\Profiles\evx9vdkf.default\cookies.txt[.did-it.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Enoch\Cookies\[email protected][1].txt
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 No No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe[C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe][SmitfraudFix\Reboot.exe]
02930446 Generic Trojan Virus/Trojan No 0 Yes No C:\Software\Winamp.Pro.v5.54.Multilingual.Incl.Keymaker-CORE\keygen.exe
02930446 Generic Trojan Virus/Trojan No 0 No No C:\Software\winamp.pro.v5.54.multilingual.incl.keymaker-core.rar[Winamp.Pro.v5.54.Multilingual.Incl.Keymaker-CORE\keygen.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\blphcafaj0er5p.scr.vir
03408118 Application/AntivirusXP2008 HackTools No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\pphcafaj0er5p.exe.vir
03445477 Adware/MalwareAlarm Adware No 1 No No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe[C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe][SmitfraudFix\IEDFix.exe]
03477685 Generic Worm Virus/Worm No 0 Yes No C:\Documents and Settings\Enoch\Desktop\SmitfraudFix.exe
;===============================================================================
SUSPECTS
Sent Location j
;===============================================================================
No C:\Documents and Settings\Enoch\Desktop\ComboFix.exe j
No C:\Program Files\VideoCacheView\VideoCacheView.exe j
No C:\QooBox\Quarantine\C\Program Files\RichVideoCodec\MultiLoader.dll.vir j
No C:\Software\NERO 8\Nero 8.x Keymaker - EMBRACE\Nero 8.x KeyGen.exe j
No C:\Software\videocacheview_setup.exe[VideoCacheView.exe] j
;===============================================================================
VULNERABILITIES
Id Severity Description j
;===============================================================================
;===============================================================================

#18
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello Yooniexchic,

Use of Keygens always results in infection. You will not receive help again from here if you persist in using these programs.

Please download DirLook by jpshortstuff from here.
  • Double-click DirLook.exe to run it.
  • Ensure that Show Hidden Files/Folders and BBCode Output are both checked.
  • Copy the content of the following codebox into the main textfield:

    C:\Software
  • Click the DirLook button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. (Note: The log can also be found at C:\dl_log.txt)
Note: Scanning may take longer for large folders.

Now
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    [kill explorer]
    C:\Software\NERO 8\Nero 8.x Keymaker - EMBRACE
    C:\Software\Winamp.Pro.v5.54.Multilingual.Incl.Keymaker-CORE
    purity
    EmptyTemp
    [start explorer]
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

When you return please post
  • OTMoveIt report
  • a fresh HijackThis log


#19
Rorschach112


    Ralphie

  • Retired Staff
  • 47,710 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.