win32 p2p worm,altnetBDE and IBIS toolbar



#1
sunya

Logfile of HijackThis v1.99.1
Scan saved at 3:43:26 PM, on 9/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Promon.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\conime.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Documents and Settings\Shane\Desktop\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\system\imginet.dll
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [V3Start] C:\Program Files\NeoWiz\V3Update\V3Start.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [a2pqRXM7j] exebvm60.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} (MSN Chat Control 4.1) - http://fdl.msn.com/p...t/msnchat41.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by14fd.bay14....es/MsnPUpld.cab
O16 - DPF: {6FE760D3-7851-4879-8838-62D9881D7177} (IniMasHandler Class) - http://www.bccard.co...niMasPlugin.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {AD66F420-3AB3-43EE-B1E7-304D21084009} (view_card Class) - http://211.176.60.11.../letteecard.cab
O16 - DPF: {D5FC2094-4B01-4F6C-A07C-E247C9442E5A} (AvatarWeb Control) - http://www.msnplus.c...x/AvatarWeb.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O20 - Winlogon Notify: imginet - C:\WINDOWS\system\imginet.dll
O20 - Winlogon Notify: infosys - C:\WINDOWS\repair\infosys.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

I ran Ad-Aware and I have found that my computer has a p2pworm, altnetBDE and IBIS toolbar. Please help, thanks in advance.

#2
Metallica

Download and unzip BFUzip from http://computercops..../Merijn/bfu.zip
Run the program and click the Web button as shown here:
Posted Image

Use this URL to copy into the address bar of the Download script window:
http://metallica.geekstogo.com/p2pnetwork.bfu

Execute the script by clicking the Execute button.

If you have any questions about the use of BFU please read here:
http://metallica.gee...structions.html


Then download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to extract the files
  • This will create a VundoFix folder on your desktop.
  • After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
  • Once in Safe Mode, open the VundoFix folder and double-click on KillVundo.bat
  • You will first be presented with a warning and a list of forums to seek help at.
    It should look like this:

    VundoFix V2.1 by Atri
    By pressing enter you agree that you are using this at your own risk
    Please seek assistance at one of the following forums:
    http://www.atribune.org/forums
    http://www.247fixes.com/forums
    http://www.geekstogo.com/forum
    http://forums.net-integration.net

  • At this point press enter one time.
  • Next you will see:

    Type in the filepath as instructed by the forum staff
    Then Press Enter, Then F6, Then Enter Again to continue with the fix.

  • At this point please type the following file path (make sure to enter it exactly as below!):
    • C:\WINDOWS\system\imginet.dll
  • Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
  • Next you will see:

    Please type in the second filepath as instructed by the forum staff
    Then Press Enter, Then F6, Then Enter Again to continue with the fix.

  • At this point please type the following file path (make sure to enter it exactly as below!):
    • C:\WINDOWS\system\tenigmi.*
    This will be the vundo filename spelt backwards. For example, if the vundo dll was vundo.dll you would have the user enter odnuv.*
  • Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
  • The fix will run then HijackThis will open.
  • In HiJackThis, please place a check next to the following items and click FIX CHECKED:
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\system\imginet.dll

    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto

    O4 - HKCU\..\Run: [a2pqRXM7j] exebvm60.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O20 - Winlogon Notify: imginet - C:\WINDOWS\system\imginet.dll
    O20 - Winlogon Notify: infosys - C:\WINDOWS\repair\infosys.dll (file missing)
  • After you have fixed these items, close HijackThis and press any key to force a reboot of your computer.
  • Pressing any key will cause a "Blue Screen of Death"; this is normal, do not worry!
  • Once your machine reboots please continue with the instructions below.
Download and install CleanUp!

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.

It may ask you to reboot at the end; click NO.

Then, please run this online virus scan: ActiveScan

Copy the results of the ActiveScan and paste them here along with a new HiJackThis log and the vundofix.txt file from the vundofix folder into this topic.

Regards,

#3
sunya

Logfile of HijackThis v1.99.1
Scan saved at 12:55:08 PM, on 9/18/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\Promon.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Shane\Desktop\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [V3Start] C:\Program Files\NeoWiz\V3Update\V3Start.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} (MSN Chat Control 4.1) - http://fdl.msn.com/p...t/msnchat41.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by14fd.bay14....es/MsnPUpld.cab
O16 - DPF: {6FE760D3-7851-4879-8838-62D9881D7177} (IniMasHandler Class) - http://www.bccard.co...niMasPlugin.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {AD66F420-3AB3-43EE-B1E7-304D21084009} (view_card Class) - http://211.176.60.11.../letteecard.cab
O16 - DPF: {D5FC2094-4B01-4F6C-A07C-E247C9442E5A} (AvatarWeb Control) - http://www.msnplus.c...x/AvatarWeb.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

VUNDOFIX.TXT

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Suspending PID 132 'smss.exe'
Threads [136][140][144]

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 732 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Error, Cannot find a process with an image name of rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 208 'winlogon.exe'
File Deleted sucessfully.
Files Deleted sucessfully.

Active Scan

Incident Status Location

Adware:adware/superspider No disinfected C:\WINDOWS\system32\jac.dll
Adware:Adware/Look2Me No disinfected C:\WINDOWS\system32\msguard.dll
Spyware:Spyware/Virtumonde No disinfected C:\WINDOWS\repair\__delete_on_reboot__infosys.dll
Virus:Trj/Dissec.A Disinfected C:\WINDOWS\20dab.exe
Virus:Bck/Agent.K Disinfected C:\WINDOWS\poiudvp.exe.tcf
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\WebCounter.jar-53ebf3b-7bf8b949.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\WebCounter.jar-53ebf3b-7bf8b949.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\WebCounter.jar-53ebf3b-7bf8b949.zip[WebCounter.class]
Virus:Trj/Shinwow.A Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\WebCounter.jar-53ebf3b-7bf8b949.zip[a.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-29348303.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-29348303.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-29348303.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-29348303.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-d350ec1-7b6c4254.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-d350ec1-7b6c4254.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-d350ec1-7b6c4254.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\classload.jar-d350ec1-7b6c4254.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\loaderadv292.jar-3778142a-4fb7e2fb.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\loaderadv292.jar-3778142a-4fb7e2fb.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\loaderadv292.jar-3778142a-4fb7e2fb.zip[Matrix.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\loaderadv292.jar-3778142a-4fb7e2fb.zip[Parser.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\playup_ro.jar-45c6f3d0-72065384.zip[Bubble.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\playup_ro.jar-45c6f3d0-72065384.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\playup_ro.jar-45c6f3d0-72065384.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\playup_ro.jar-45c6f3d0-72065384.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\count4.jar-47cfe281-3c86c4d0.zip[BB.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\count4.jar-47cfe281-3c86c4d0.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\count4.jar-47cfe281-3c86c4d0.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\count4.jar-47cfe281-3c86c4d0.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\count4.jar-47cfe281-3c86c4d0.zip[BeyondInterface.class]
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Shane\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-5ae04b03.zip[InstallerApplet.class]
Virus:Trj/Classloader.B Disinfected C:\Documents and Settings\Shane\.jpi_cache\file\1.0\in_s.class-678329ec-7c6c2364.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\file\1.0\Dummy.class-774d507d-1148baab.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Shane\.jpi_cache\file\1.0\ok.class-602516f-323534d8.class
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Hypnosis for Beginners.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\FruityLoops Studio Producer Edition 5.02.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\SuperVideoCap 4.19.390.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Bat! 3.60.02.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Internet Download Accelerator 4.3.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Registry Cleaner 32 1.1.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\LeapFTP 2.7.6.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Rollercoaster World 2.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Celtic Kings The Punic Wars.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Stronghold 2.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\The Settlers Heritage of King.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Spider Solitaire Collection 6.0.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Aliens vs. Predator 2.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Jetfighter 2015.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Pinball Master 2.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Gamehouse Aloha Tripeaks 1.01.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Trackmania Sunrise.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Everest Home Edition 2.20.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\BreezeBrowser 2.9.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\GetDataBack for NTFS 2.31.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\GetDataBack for FAT 2.31.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Child Control 7.136.0.0.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Kingdia DVD Ripper Professional 2.4.6.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Kingdia DVD Audo Ripper 1.6.5.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\LimeWire Pro 4.9.28.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\QuickBooks Premier 2005.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\EyeCU 2.2 Professional.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Splats HTML 1.0.3.9.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\3DWebButton 1.7.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\HD Tune 2.50.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Bunty Aur Bubli (Hindi).zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Phir Milenge (Hindi).zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Dil Chahta Hai (Hindi).zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Parineeta (Hindi).zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\OmniPage Pro 15 Office.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Advanced RAR Password Recovery 1.52.48.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Ulead DVD MovieFactory 4.0.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\AoA DVD Copy 2.2.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Windows Mobile 5.0.zip[Setup.exe]
Virus:W32/Alcan.A.worm Disinfected C:\Documents and Settings\Shane\Complete\Advanced Uninstaller Pro 2005 7.0.zip[Setup.exe]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-1f8b980f-3d59c280.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-1f8b980f-3d59c280.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-1f8b980f-3d59c280.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-5157872c-3bae471c.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-5157872c-3bae471c.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\ar3.jar-5157872c-3bae471c.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\classload.jar-227d9698-5f1dfccf.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\classload.jar-227d9698-5f1dfccf.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\classload.jar-227d9698-5f1dfccf.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Kelly s\.jpi_cache\jar\1.0\classload.jar-227d9698-5f1dfccf.zip[Installer.class]
Adware:Adware/SaveNow No disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP786\A0386415.exe
Virus:W32/Alcan.A.worm Disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP789\A0386692.exe
Virus:W32/Alcan.A.worm Disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP789\A0386767.exe
Virus:Bck/Agent.K Disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP789\A0386773.exe
Spyware:Spyware/Virtumonde No disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP790\A0386886.dll
Virus:Trj/Agent.AJK Disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP790\A0387092.dll
Virus:Trj/Dissec.A Disinfected C:\System Volume Information\_restore{CE6F2276-A2E8-42DC-A0DF-D97043A16423}\RP790\A0387093.exe

Thanks a lot for helping me man, I mean it.

#4
Metallica

Wow. If we were bowling that would be called a STRIKE I guess.

In my sport we call it 180 :tazz:

The log is clean.
Is your computer behaving accordingly?

Please do have a look at my site about removing and preventing spyware.

Regards,
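
The before/after check this thread relies on, as an added example that is not part of the original posts: it parses HijackThis result lines, confirms that every entry on the fix list is gone from the follow-up log, and reports entries that appeared or disappeared without being on that list. The log excerpts are copied from the logs posted above; the function names and the report layout are assumptions of this example.

```python
import re

# A HijackThis result line is "<section> - <details>", e.g. "O4 - HKLM\..\Run: [x] y".
ENTRY_RE = re.compile(r"^\s*([ORFN]\d{1,2})\s+-\s+(.+?)\s*$")
# Suffix HijackThis appends when the file an entry points to does not exist.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")

# Excerpts copied from the first log, the fix list and the follow-up log in this thread.
BEFORE = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\system\imginet.dll
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [a2pqRXM7j] exebvm60.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O20 - Winlogon Notify: imginet - C:\WINDOWS\system\imginet.dll
O20 - Winlogon Notify: infosys - C:\WINDOWS\repair\infosys.dll (file missing)
"""
FIX_LIST = r"""
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\system\imginet.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [a2pqRXM7j] exebvm60.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O20 - Winlogon Notify: imginet - C:\WINDOWS\system\imginet.dll
O20 - Winlogon Notify: infosys - C:\WINDOWS\repair\infosys.dll (file missing)
"""
AFTER = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
"""


def parse_entries(log_text):
    """Return the (section, details) result lines of a log, in file order.

    Header lines and the running-process list do not match and are skipped.
    """
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned(entries):
    """Entries whose target file is gone: leftover registry references."""
    return [e for e in entries if ORPHAN_RE.search(e[1])]


def compare_logs(before_text, after_text, fix_text):
    """Check a follow-up log against the first log and the requested fixes."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    fixes = parse_entries(fix_text)
    before_set, after_set, fix_set = set(before), set(after), set(fixes)
    return {
        # Fix did not take: the entry survived the reboot.
        "still_present": [e for e in fixes if e in after_set],
        # Typo guard: a fix line that never existed in the first log.
        "not_in_before": [e for e in fixes if e not in before_set],
        # Gone although nobody asked for it: worth a question to the user.
        "removed_unrequested": [e for e in before
                                if e not in after_set and e not in fix_set],
        # Appeared between the two scans: review each one.
        "new": [e for e in after if e not in before_set],
    }


if __name__ == "__main__":
    report = compare_logs(BEFORE, AFTER, FIX_LIST)
    for name, entries in report.items():
        print(f"{name}: {len(entries)}")
        for section, details in entries:
            print(f"  {section} - {details}")
    print("orphans left:", len(orphaned(parse_entries(AFTER))))
```

Comparison is by exact line text, so an entry that was re-registered under a different name or path shows up under `new` rather than `still_present`.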