Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

AURORA SPYWARE [RESOLVED]


  • This topic is locked This topic is locked

#16
Mattoman_501

Mattoman_501

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I think ive beaten Aurora beacuse i havnt seen it for awhile im scanning now on that site thanks mate
  • 0

Advertisements


#17
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
No problem.

Let me know what it finds. Then we can have another go at your log.

Regards,
  • 0

#18
Mattoman_501

Mattoman_501

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Results:
We have detected 10 infected file(s) with 16 virus(es) on your computer. Only 0 out of 0 infected files are displayed: - 0 virus(es) passed, 16 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 0 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected File Associated Virus Name Action Taken
F:\Documents and Settings\Matt\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2fa9f21f-51083672.zip
- GetAccess.class JAVA_BYTEVER.A No action available
- InsecureClassLoader.class JAVA_BYTEVER.A No action available
- Dummy.class JAVA_BYTEVER.A No action available
- Installer.class JAVA_BYTEVER.A No action available
F:\Documents and Settings\Matt\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-652b4e66-2d4cd636.zip
- Beyond.class JAVA_BYTEVER.A No action available
F:\Documents and Settings\Matt\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6699b1e6-283b97bd.zip
- Beyond.class JAVA_BYTEVER.A No action available
F:\Documents and Settings\Matt\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6604b080-3cc7cae3.zip
- GetAccess.class JAVA_BYTEVER.A No action available
- InsecureClassLoader.class JAVA_BYTEVER.A No action available
- Dummy.class JAVA_BYTEVER.A No action available
- Installer.class JAVA_BYTEVER.A No action available
F:\Documents and Settings\Matt\Desktop\Matts Stuff\RollerCoaster Tycoon - Added Attractions + 01 Trainer\RollerCoaster Tycoon - Added Attractions + 01 Trainer.exe TROJ_MULDROP.420 No action available
F:\Documents and Settings\Matt\Local Settings\Temp\THI6900.tmp\twaintec.cab
- polall1m.exe TROJ_AGENT.EG No action available
F:\Documents and Settings\Matt\Local Settings\Temp\alchem.cab
- alchem.exe TROJ_ALCHEMIC.A No action available
F:\Documents and Settings\Matt\Local Settings\Temp\satmat.cab
- satmat.exe TROJ_STUBBY.D No action available
F:\Documents and Settings\Matt\Local Settings\Temp\twaintec.cab
- polall1m.exe TROJ_AGENT.EG No action available
F:\Documents and Settings\Matt\My Documents\My Received Files\^KooL^piK^.exe JOKE_GHOST.A No action available

\
\
\

What we checked:
Malicious activity by a Trojan horse program. Although a Trojan seems like a harmless program, it contains malicious code and once installed can cause damage to your computer.
Results:
We have detected 7 Trojan horse program(s) and worm(s) on your computer. Only 0 out of 0 Trojan horse programs and worms are displayed: - 0 worm(s)/Trojan(s) passed, 7 worm(s)/Trojan(s) no action available
- 0 Worm(s)/Trojan(s) deleted, 0 worm(s)/Trojan(s) undeletable
Trojan/Worm Name Trojan/Worm Type Action Taken
WORM_RBOT.AZ Worm No action available
WORM_SDBOT.QV Worm No action available
WORM_RBOT.LV Worm No action available
WORM_WOOTBOT.S Worm No action available
WORM_WOOTBOT.DF Worm No action available
WORM_WOOTBOT.DU Worm No action available
WORM_SDBOT-5 Worm No action available




Spyware Check

What we checked:
Whether personal information was tracked and reported by spyware. Spyware is often installed secretly with legitimate programs downloaded from the Internet.
Results:
We have detected 0 spyware(s) on your computer. Only 0 out of 0 spywares are displayed: - 0 spyware(s) passed, 0 spyware(s) no action available
- 0 spyware(s) removed, 0 spyware(s) unremovable
Spyware Name Spyware Type Action Taken




Microsoft Vulnerability Check

What we checked:
Microsoft known security vulnerabilities. These are issues Microsoft has identified and released Critical Updates to fix.
Results:
We have detected 0 vulnerability/vulnerabilities on your computer. Only 0 out of 0 vulnerabilities are displayed.
Risk Level Issue How to Fix




I think it didnt clean them
  • 0

#19
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - F:\WINDOWS\2_0_1browserhelper2.dll (file missing)

O4 - HKCU\..\Run: [$WindowsRegKey%update] IEXPLORE.EXE
O4 - HKCU\..\Run: [Task manager] TikTo.exe

O4 - Global Startup: KODAK Software Updater.lnk = F:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolba...006_regular.cab

Reboot and update Windows and IE to SP1.

Post back with a new log.
Will you be renewing the KAV updates?

Regards,
  • 0

#20
Mattoman_501

Mattoman_501

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Unfortunatly i cant update IE to SP1 sue to invalid CD KEY, everything is all good now exept the viruses that online scanner picked up. I might go out and buy norton or somthing for future defense

Thanks again for all your help, I would be pulling my hair out otherwise
  • 0

#21
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP