My computer was affected by winfixer and serveral other spyware. The biggest problem was that the hibernation and standing off features could not work.
I used many other anti-spyware program to fix the problem, but to no avail.
Then I used Spysweeper. According to the instruction posted here before, people need to follow several steps to complete the process of sweeping away the virus.
But i found that only after using the Spysweeper to scan the whole system, the problem was fixed. My computer can hiberate and stand off function is back again and work stably now.
So I wonder whether I have actually fixed the problem and sweepted the virus away from my system?
Here is the result after the scanning and cleaning:
12:23: | Start of Session, 24 November 2005 |
12:23: Spy Sweeper started
12:23: Sweep initiated using definitions version 575
12:23: Starting Memory Sweep
12:26: Memory Sweep Complete, Elapsed Time: 00:02:21
12:26: Starting Registry Sweep
12:26: Found Adware: virtumonde
12:26: HKCR\msevents.msevents\ (5 subtraces) (ID = 749130)
12:26: HKCR\msevents.msevents.1\ (3 subtraces) (ID = 749136)
12:26: HKLM\software\classes\msevents.msevents\ (5 subtraces) (ID = 749153)
12:26: HKLM\software\classes\msevents.msevents.1\ (3 subtraces) (ID = 749157)
12:26: Registry Sweep Complete, Elapsed Time:00:00:13
12:26: Starting Cookie Sweep
12:26: Found Spy Cookie: yieldmanager cookie
12:26: steven [email protected][1].txt (ID = 3751)
12:26: Found Spy Cookie: adknowledge cookie
12:26: steven sun@adknowledge[2].txt (ID = 2072)
12:26: Found Spy Cookie: specificclick.com cookie
12:26: steven [email protected][1].txt (ID = 3400)
12:26: Found Spy Cookie: adprofile cookie
12:26: steven sun@adprofile[1].txt (ID = 2084)
12:26: Found Spy Cookie: adultfriendfinder cookie
12:26: steven sun@adultfriendfinder[2].txt (ID = 2165)
12:26: Found Spy Cookie: belnk cookie
12:26: steven sun@belnk[1].txt (ID = 2292)
12:26: Found Spy Cookie: burstnet cookie
12:26: steven sun@burstnet[2].txt (ID = 2336)
12:26: Found Spy Cookie: gostats cookie
12:26: steven [email protected][2].txt (ID = 2748)
12:26: Found Spy Cookie: overture cookie
12:26: steven [email protected][1].txt (ID = 3106)
12:26: Found Spy Cookie: dealtime cookie
12:26: steven sun@dealtime[2].txt (ID = 2505)
12:26: Found Spy Cookie: did-it cookie
12:26: steven sun@did-it[1].txt (ID = 2523)
12:26: Found Spy Cookie: go.com cookie
12:26: steven [email protected][1].txt (ID = 2729)
12:26: steven [email protected][2].txt (ID = 2293)
12:26: steven sun@go[1].txt (ID = 2728)
12:26: Found Spy Cookie: 2o7.net cookie
12:26: steven [email protected][1].txt (ID = 1958)
12:26: steven [email protected][1].txt (ID = 1958)
12:26: steven [email protected][1].txt (ID = 1958)
12:26: Found Spy Cookie: nextag cookie
12:26: steven sun@nextag[2].txt (ID = 5014)
12:26: Found Spy Cookie: outster cookie
12:26: steven sun@outster[1].txt (ID = 3103)
12:26: Found Spy Cookie: partypoker cookie
12:26: steven sun@partypoker[2].txt (ID = 3111)
12:26: Found Spy Cookie: rc cookie
12:26: steven sun@rc[1].txt (ID = 3231)
12:26: steven [email protected][2].txt (ID = 2506)
12:26: Found Spy Cookie: reliablestats cookie
12:26: steven [email protected][2].txt (ID = 3254)
12:26: Found Spy Cookie: yadro cookie
12:26: steven sun@yadro[2].txt (ID = 3743)
12:26: Found Spy Cookie: zedo cookie
12:26: steven sun@zedo[1].txt (ID = 3762)
12:26: Cookie Sweep Complete, Elapsed Time: 00:00:02
12:26: Starting File Sweep
12:28: Warning: Failed to open file "c:\windows\winsxs\\msvcirt.dll". The system cannot find the file specified
12:28: Warning: Failed to open file "c:\windows\winsxs\\msvcrt.dll". The system cannot find the file specified
12:28: Warning: Failed to open file "c:\windows\winsxs\\msvcirt.dll". The system cannot find the file specified
12:28: Warning: Failed to open file "c:\windows\winsxs\\msvcrt.dll". The system cannot find the file specified
12:35: Found System Monitor: potentially rootkit-masked files
12:35: system.dat (ID = 0)
12:35: hints.dat (ID = 0)
12:35: sam (ID = 0)
12:35: system (ID = 0)
12:35: 258c5ea8-b6a6-4300-bd73-453a177dba66 (ID = 0)
12:35: businessart;abr=!webtv;sect=business;sect=p_top;sect=d_top;sect=business_p_top;sect=business_d_top;pos=v5_topbanner;sz=468x60;tile=2;dcopt=ist;ord=10663 (ID = 0)
12:35: credhist (ID = 0)
12:35: preferred (ID = 0)
12:35: credhist (ID = 0)
12:35: 258c5ea8-b6a6-4300-bd73-453a177dba66 (ID = 0)
12:35: preferred (ID = 0)
12:35: pu.dat (ID = 0)
12:35: credhist (ID = 0)
12:35: 258c5ea8-b6a6-4300-bd73-453a177dba66 (ID = 0)
12:35: preferred (ID = 0)
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:38: Warning: File not found
12:39: File Sweep Complete, Elapsed Time: 00:12:42
12:39: Full Sweep has completed. Elapsed time 00:15:20
12:39: Traces Found: 60
12:41: Removal process initiated
12:41: Quarantining All Traces: virtumonde
12:41: Quarantining All Traces: 2o7.net cookie
12:41: Quarantining All Traces: adknowledge cookie
12:41: Quarantining All Traces: adprofile cookie
12:41: Quarantining All Traces: adultfriendfinder cookie
12:41: Quarantining All Traces: belnk cookie
12:41: Quarantining All Traces: burstnet cookie
12:41: Quarantining All Traces: dealtime cookie
12:41: Quarantining All Traces: did-it cookie
12:41: Quarantining All Traces: go.com cookie
12:41: Quarantining All Traces: gostats cookie
12:41: Quarantining All Traces: nextag cookie
12:41: Quarantining All Traces: outster cookie
12:41: Quarantining All Traces: overture cookie
12:41: Quarantining All Traces: partypoker cookie
12:41: Quarantining All Traces: rc cookie
12:41: Quarantining All Traces: reliablestats cookie
12:41: Quarantining All Traces: specificclick.com cookie
12:41: Quarantining All Traces: yadro cookie
12:41: Quarantining All Traces: yieldmanager cookie
12:41: Quarantining All Traces: zedo cookie
12:41: Removal process completed. Elapsed time 00:00:05
********
12:17: | Start of Session, 24 November 2005 |
12:17: Spy Sweeper started
12:17: Sweep initiated using definitions version 575
12:17: Starting Memory Sweep
12:19: Memory Sweep Complete, Elapsed Time: 00:02:26
12:19: Starting Registry Sweep
12:19: Found Adware: virtumonde
12:19: HKCR\msevents.msevents\ (5 subtraces) (ID = 749130)
12:19: HKCR\msevents.msevents.1\ (3 subtraces) (ID = 749136)
12:19: HKLM\software\classes\msevents.msevents\ (5 subtraces) (ID = 749153)
12:19: HKLM\software\classes\msevents.msevents.1\ (3 subtraces) (ID = 749157)
12:19: Registry Sweep Complete, Elapsed Time:00:00:15
12:19: Starting Cookie Sweep
12:19: Found Spy Cookie: yieldmanager cookie
12:19: steven [email protected][1].txt (ID = 3751)
12:19: Found Spy Cookie: adknowledge cookie
12:19: steven sun@adknowledge[2].txt (ID = 2072)
12:19: Found Spy Cookie: specificclick.com cookie
12:19: steven [email protected][1].txt (ID = 3400)
12:19: Found Spy Cookie: adprofile cookie
12:19: steven sun@adprofile[1].txt (ID = 2084)
12:19: Found Spy Cookie: adultfriendfinder cookie
12:19: steven sun@adultfriendfinder[2].txt (ID = 2165)
12:19: Found Spy Cookie: belnk cookie
12:19: steven sun@belnk[1].txt (ID = 2292)
12:19: Found Spy Cookie: burstnet cookie
12:19: steven sun@burstnet[2].txt (ID = 2336)
12:19: Found Spy Cookie: gostats cookie
12:19: steven [email protected][2].txt (ID = 2748)
12:19: Found Spy Cookie: overture cookie
12:19: steven [email protected][1].txt (ID = 3106)
12:19: Found Spy Cookie: dealtime cookie
12:19: steven sun@dealtime[2].txt (ID = 2505)
12:19: Found Spy Cookie: did-it cookie
12:19: steven sun@did-it[1].txt (ID = 2523)
12:19: Found Spy Cookie: go.com cookie
12:19: steven [email protected][1].txt (ID = 2729)
12:19: steven [email protected][2].txt (ID = 2293)
12:19: steven sun@go[1].txt (ID = 2728)
12:19: Found Spy Cookie: 2o7.net cookie
12:19: steven [email protected][1].txt (ID = 1958)
12:19: steven [email protected][1].txt (ID = 1958)
12:19: steven [email protected][1].txt (ID = 1958)
12:19: Found Spy Cookie: nextag cookie
12:19: steven sun@nextag[2].txt (ID = 5014)
12:19: Found Spy Cookie: outster cookie
12:19: steven sun@outster[1].txt (ID = 3103)
12:20: Found Spy Cookie: partypoker cookie
12:20: steven sun@partypoker[2].txt (ID = 3111)
12:20: Found Spy Cookie: rc cookie
12:20: steven sun@rc[1].txt (ID = 3231)
12:20: steven [email protected][2].txt (ID = 2506)
12:20: Found Spy Cookie: reliablestats cookie
12:20: steven [email protected][2].txt (ID = 3254)
12:20: Found Spy Cookie: yadro cookie
12:20: steven sun@yadro[2].txt (ID = 3743)
12:20: Found Spy Cookie: zedo cookie
12:20: steven sun@zedo[1].txt (ID = 3762)
12:20: Cookie Sweep Complete, Elapsed Time: 00:00:04
12:20: Starting File Sweep
12:22: Warning: Failed to open file "c:\windows\winsxs\\msvcirt.dll". The system cannot find the file specified
12:22: Warning: Failed to open file "c:\windows\winsxs\\msvcrt.dll". The system cannot find the file specified
12:22: Warning: Failed to open file "c:\windows\winsxs\\msvcirt.dll". The system cannot find the file specified
12:22: Warning: Failed to open file "c:\windows\winsxs\\msvcrt.dll". The system cannot find the file specified
12:22: Sweep Canceled
12:22: File Sweep Complete, Elapsed Time: 00:02:35
12:22: Traces Found: 45
12:23: | End of Session, 24 November 2005 |
********
12:12: | Start of Session, 24 November 2005 |
12:12: Spy Sweeper started
12:12: Sweep initiated using definitions version 575
12:12: Starting Memory Sweep
12:13: Found Adware: virtumonde
12:13: Detected running threat: C:\WINDOWS\system32\jkhhg.dll (ID = 77)
12:13: Sweep Canceled
12:13: Memory Sweep Complete, Elapsed Time: 00:00:56
12:13: Traces Found: 1
12:13: Removal process initiated
12:14: Quarantining All Traces: virtumonde
12:14: virtumonde is in use. It will be removed on reboot.
12:14: C:\WINDOWS\system32\jkhhg.dll is in use. It will be removed on reboot.
12:14: Warning: Launched explorer.exe
12:14: Warning: Quarantine process could not restart Explorer.
12:14: Preparing to restart your computer. Please wait...
12:14: Removal process completed. Elapsed time 00:00:43
********
12:11: | Start of Session, 24 November 2005 |
12:11: Spy Sweeper started
12:11: Your spyware definitions have been updated.
12:12: | End of Session, 24 November 2005
Sign In
Create Account
