[Browneyedgirl79]

User returned.

Could you please follow steps 1 - 3 in post #13.

Working on it, Thank you for your understanding

[Advertisements]

[hammerman]

[Browneyedgirl79]

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b311709c-a359-11de-a3d8-0019db23048b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b311709c-a359-11de-a3d8-0019db23048b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b311709c-a359-11de-a3d8-0019db23048b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b311709c-a359-11de-a3d8-0019db23048b}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Marcy
->Temp folder emptied: 5359136 bytes
->Temporary Internet Files folder emptied: 249281364 bytes
->Java cache emptied: 51587211 bytes
->FireFox cache emptied: 66016216 bytes
->Google Chrome cache emptied: 6304961 bytes
->Flash cache emptied: 2546881 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1315967 bytes
%systemroot%\System32 .tmp files removed: 22653952 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1763611 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 28521216 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 415.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Marcy
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.4.1 log created on 05282010_005138

Files\Folders moved on Reboot...
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\VPNX054D\history_manager[3].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\PQC7KN74\My-PC-SO-slow-full-spyware-t276102[1].html moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\MUVVS679\favicon[2].ico moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\MUVVS679\photo[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\LSKVFXCV\iframe[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\LSKVFXCV\im[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\LSKVFXCV\InboxLight[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\LSKVFXCV\tab[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\KKVY7TXL\10[4].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\KKVY7TXL\favicon[1].ico moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\H7SO5UNS\favicon[1].ico moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\H7SO5UNS\profile[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\FJA2P205\01[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\FJA2P205\default[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\FJA2P205\tab[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\8T55SM6S\BuddyList[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\8T55SM6S\ToastFull[2].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\8T55SM6S\ToastMini[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\30B6RIQ9\facebook_com[1].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\2FGWKM6R\favicon[2].ico moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\2FGWKM6R\profile[2].htm moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\Content.IE5\2FGWKM6R\redirectiframe[1].html moved successfully.
C:\Documents and Settings\Marcy\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\WINDOWS\temp\logishrd\LVPrcInj01.dll moved successfully.

Registry entries deleted on Reboot...





Friday, May 28, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, May 28, 2010 02:32:13
Records in database: 4191443


Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes

Scan area My Computer
A:\
C:\
D:\
E:\
F:\
G:\
I:\

Scan statistics
Objects scanned 101044
Threats found 1
Infected objects found 2
Suspicious objects found 0
Scan duration 02:24:54

File name Threat Threats count
C:\Documents and Settings\Marcy\My Documents\My Music\sing me back home - greatest hits.wma Infected: Trojan-Downloader.WMA.Wimad.n 1

C:\Documents and Settings\Marcy\My Documents\My Music\ti whatever you like ring tone.wma Infected: Trojan-Downloader.WMA.Wimad.n 1

Selected area has been scanned.

[hammerman]

hi,

Could you please give me an update on how your computer's running.


-- Step 1 --

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :Files
  C:\Documents and Settings\Marcy\My Documents\My Music\sing me back home - greatest hits.wma
  C:\Documents and Settings\Marcy\My Documents\My Music\ti whatever you like ring tone.wma
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [start explorer]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• This fix will produce a report. Please add this to your reply.

-- Step 2 --

Run OTL and select Minimal Output. Use the Quick Scan button to start a scan.
Please post the OTL report in your reply.

[hammerman]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.