Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My girlfriend needs help [CLOSED]

Started by PimpMasta_McNasty , Mar 15 2006 05:11 PM

  • This topic is locked This topic is locked

#1
PimpMasta_McNasty
Posted 15 March 2006 - 05:11 PM

PimpMasta_McNasty

    Member

  • Member
  • PipPip
  • 11 posts
Hi, my girlfriend needs some help and she's having trouble getting rid of this annoying virus and some other stuff. It was my fault cuz I turned off her firewall really momentarily to access Google Earth and BAM, this program comes out of nowhere called SpyFalcon. Right from the get go I knew it was fake. Problem is, HijackThis and Adaware don't see this thing. Only PandaSoftware but it won't remove for free. Can you recommend anything? Need Help! Here's a log of things it found.





Incident
Status Location

Virus:Trj/Lowzones.QF
Not disinfected Operating system
Adware:adware/securityerror
Not disinfected C:\WINDOWS\system32\nvctrl.exe
Adware:adware/securityerror
Not disinfected C:\WINDOWS\SYSTEM32\mssearchnet.exe
Dialer:dialer.avv
Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM
FILES\gdnUS250.exe
Adware:adware/securitytoolbar
Not disinfected C:\PROGRAM FILES\Security Toolbar
Potentially unwanted tool:application/winantivirus2006
Not disinfected C:\PROGRAM FILES\WinAntiVirus Pro 2006
Adware:adware/spywarestrike
Not disinfected C:\WINDOWS\SYSTEM32\1024
Adware:adware/spyfalcon
Not disinfected Windows Registry
Spyware:Cookie/64.62.232
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][3].txt
Spyware:Cookie/YieldManager
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/YieldManager
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][3].txt
Spyware:Cookie/adultfriendfinder
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[1].txt
Spyware:Cookie/adultfriendfinder
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Azjmp
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@azjmp[1].txt
Spyware:Cookie/Banner
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@banner[1].txt
Spyware:Cookie/Banner
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@banner[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@belnk[1].txt
Spyware:Cookie/BurstNet
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@burstnet[2].txt
Spyware:Cookie/Ccbill
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@ccbill[2].txt
Spyware:Cookie/Com.com
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@com[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Entrepreneur
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@entrepreneur[2].txt
Spyware:Cookie/GoStats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@gostats[2].txt
Spyware:Cookie/go
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@go[2].txt
Spyware:Cookie/MediaTickets
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@kinghost[1].txt
Spyware:Cookie/Media-motor
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Paypopup
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@paypopup[1].txt
Spyware:Cookie/SpywareStormer
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@spywarestormer[2].txt
Spyware:Cookie/Reliablestats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Reliablestats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Target
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@target[2].txt
Spyware:Cookie/Target
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@target[3].txt
Spyware:Cookie/Com.com
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Toplist
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@toplist[1].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@winfixer[2].txt
Spyware:Cookie/BurstBeacon
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Buzztone
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Spyfalcon
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Yadro
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@yadro[2].txt
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Documents and
Settings\HP_Owner\Application Data\Netscape\NSB\Profiles\nyqdhuvc.default\Cache\82F3E8E1d01
Spyware:Cookie/2o7.net
Not disinfected C:\Documents and
Settings\HP_Owner\Application Data\Netscape\NSB\Profiles\nyqdhuvc.default\cookies.txt[]
Virus:Exploit/ByteVerify
Not disinfected C:\Documents and
Settings\HP_Owner\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-30536a68-59d34a23.zip[Dummy.class]
Virus:Exploit/ByteVerify
Not disinfected C:\Documents and
Settings\HP_Owner\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-53103be1-69f82b93.zip[Dummy.class]
Spyware:Cookie/64.62.232
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][3].txt
Spyware:Cookie/YieldManager
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/YieldManager
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][3].txt
Spyware:Cookie/adultfriendfinder
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[1].txt
Spyware:Cookie/adultfriendfinder
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Azjmp
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@azjmp[1].txt
Spyware:Cookie/Banner
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@banner[1].txt
Spyware:Cookie/Banner
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@banner[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@belnk[1].txt
Spyware:Cookie/BurstNet
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@burstnet[2].txt
Spyware:Cookie/Ccbill
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@ccbill[2].txt
Spyware:Cookie/Com.com
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@com[2].txt
Spyware:Cookie/Belnk
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Entrepreneur
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@entrepreneur[2].txt
Spyware:Cookie/GoStats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@gostats[2].txt
Spyware:Cookie/go
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@go[2].txt
Spyware:Cookie/MediaTickets
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@kinghost[1].txt
Spyware:Cookie/Media-motor
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Paypopup
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@paypopup[1].txt
Spyware:Cookie/SpywareStormer
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@spywarestormer[2].txt
Spyware:Cookie/Reliablestats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Reliablestats
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Target
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@target[2].txt
Spyware:Cookie/Target
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@target[3].txt
Spyware:Cookie/Com.com
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Toplist
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@toplist[1].txt
Spyware:Cookie/WinFixer
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@winfixer[2].txt
Spyware:Cookie/BurstBeacon
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Buzztone
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Spyfalcon
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Yadro
Not disinfected C:\Documents and
Settings\HP_Owner\Cookies\hp_owner@yadro[2].txt
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temp\sa2A2.exe
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temp\sa5CE.exe
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temp\sa61.exe
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temp\~nsu.tmp\Au_.exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[1].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[2].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[3].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[4].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[5].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\connect[6].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\gdnUS250[1].exe
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\gdnUS250[2].exe
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\gdnUS250[3].exe
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\25FZCZ7X\gdnUS250[4].exe
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\89187574\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\BXPZME2T\connect[1].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\GTYB4PIV\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\GTYB4PIV\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\NA8ZR1O5\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\NA8ZR1O5\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\PBFTJ134\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\PBFTJ134\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\PHP2FRPM\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\PHP2FRPM\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\QFC73WX4\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\QFC73WX4\gdnUS250[1].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\U8ILNXC4\connect[1].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\U8ILNXC4\connect[2].htm
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\U8ILNXC4\connect[3].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\U8ILNXC4\gdnUS250[1].exe
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\U8ILNXC4\gdnUS250[2].exe
Dialer:Dialer.BEW
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\XBVVX5SE\connect[1].htm
Dialer:Dialer.NO
Not disinfected C:\Documents and Settings\HP_Owner\Local
Settings\Temporary Internet Files\Content.IE5\XBVVX5SE\gdnUS250[1].exe
Potentially unwanted tool:Application/KillApp.B
Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/Winantivirus2006
Not disinfected C:\Program Files\Common
Files\WinAntiVirus Pro 2006\WapCHK.dll
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Program Files\SpyFalcon\SpyFalcon.exe
Potentially unwanted tool:Application/SpyFalcon
Not disinfected C:\Program Files\SpyFalcon\uninst.exe
Adware:Adware/SpywareStrike
Not disinfected
C:\RECYCLER\S-1-5-21-3110143667-3613461463-1555923625-1009\Dc28.tmp
Virus:Trj/Lowzones.QF
Not disinfected
C:\RECYCLER\S-1-5-21-3110143667-3613461463-1555923625-1009\Dc29.exe
Potentially unwanted tool:Application/SpyFalcon
Not disinfected
C:\RECYCLER\S-1-5-21-3110143667-3613461463-1555923625-1009\Dc30.exe
Dialer:Dialer.NO
Not disinfected C:\WINDOWS\Downloaded Program
Files\gdnUS250.exe
Adware:Adware/SpywareStrike
Not disinfected C:\WINDOWS\system32\1024\ldD83D.tmp
Possible Virus.
Not disinfected C:\WINDOWS\system32\hpE8B8.tmp
Adware:Adware/SecurityError
Not disinfected C:\WINDOWS\system32\ld6ED2.tmp
Virus:Trj/Lowzones.QF
Not disinfected C:\WINDOWS\system32\lich.exe
Virus:Trj/Lowzones.QF
Not disinfected C:\zdj.exe
  • 0

Advertisements

#2
MasterJ
Posted 15 March 2006 - 05:16 PM

MasterJ

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,623 posts
Please Click here!, and follow the recommendations in the guide.

If you're still having trouble, We'll need you to use a free diagnostic tool, Hijack This. Follow the instructions in step five of this guide, and reply here with your log.

Most of what Hijack This lists lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#3
MasterJ
Posted 29 March 2006 - 04:03 PM

MasterJ

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,623 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP