Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Dr Watson Postmortem Debugger error


  • Please log in to reply

#1
Calipepe

Calipepe

    Member

  • Member
  • PipPip
  • 12 posts
Sometimes I am a little too trusting! With my Norton 2005 Antivirus updated and enabled, I opened what looked to be a jpeg file. Legs.f5434.exe is its name to be exact, or A.K.A Worm.Bagle.br. This e-mail was sent on 6-27 at 1:49pm from kgb705@hanmail.net. My brother is an IS guy, and he checked his work logs and they had gotten it at the same time. Ewido rocks! I ran Ad-aware and Spybot, and my Norton Anti-Virus, and Norton said it was clean. Rundll is now having a fit loading the WildTangent game file, and Norton was kicking out an error that said it had a problem with the Integrator. Any thoughts? Thank You. Here is my Ewido report:

-------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:50:20 AM, 6/30/2005
+ Report-Checksum: 13A88CBB

+ Date of database: 6/30/2005
+ Version of scan engine: v3.0

+ Duration: 48 min
+ Scanned Files: 158136
+ Speed: 54.23 Files/Second
+ Infected files: 36
+ Removed files: 36
+ Files put in quarantine: 36
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0

+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes

+ Scanned items:
C:\

+ Scan result:
C:\Documents and Settings\Administrator.YOUR-041D0AB995\Cookies\administrator@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Administrator.YOUR-041D0AB995\Cookies\administrator@cgi-bin[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Administrator.YOUR-041D0AB995\Cookies\administrator@com[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Administrator.YOUR-041D0AB995\Cookies\administrator@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Administrator.YOUR-041D0AB995\Cookies\administrator@spylog[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@com[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@search.msn[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for Legs.zip\f5434.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP1\A0000168.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP1\A0000174.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP1\A0000180.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP1\A0001180.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP2\A0002254.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP2\A0002286.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP2\A0002677.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP3\A0002812.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP3\A0003809.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP4\A0003821.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP4\A0003829.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP4\A0005872.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP4\A0006303.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP4\A0006392.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP5\A0006749.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP5\A0007776.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP5\A0008777.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP5\A0009811.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP6\A0009829.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume Information\_restore{CF79470C-79F7-4821-8E34-8E6EA7D3E7B5}\RP6\A0010829.exe -> Worm.Bagle.br -> Cleaned with backup
C:\System Volume
  • 0

Advertisements


#2
ilago

ilago

    Visiting Staff

  • Visiting Consultant
  • 363 posts
Hi Calipepe

Could you please do a HijackThis log as explained here http://www.geekstogo...?showtopic=2852 The instructions for using HijackThis are towards the end of the topic.

This will help us see what is happening on your computer so we can help.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP