I dont know (New)

Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
28-Nov-2006, 07:49 PM #91
running off of the command line version I get ...is not recognized as an internal or external command, operable program or batch file.
I'm gonna dl the user interface version.
Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
28-Nov-2006, 07:55 PM #92
that worked.

11/28/06 19:50:14 [Info]: BlackLight Engine 1.0.47 initialized
11/28/06 19:50:14 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/28/06 19:50:14 [Note]: 7019 4
11/28/06 19:50:14 [Note]: 7005 0
11/28/06 19:50:18 [Note]: 7006 0
11/28/06 19:50:18 [Note]: 7011 1768
11/28/06 19:50:18 [Note]: 7026 0
11/28/06 19:50:18 [Note]: 7026 0
11/28/06 19:50:26 [Note]: FSRAW library version 1.7.1020
11/28/06 19:53:51 [Note]: 2000 1012
11/28/06 19:55:01 [Note]: 7007 0
Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
28-Nov-2006, 08:10 PM #93
Thinking back on it, I believe it was the panda scan that recognized the rootkit.
Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
28-Nov-2006, 09:01 PM #94
To me this seems like an advert, but it was panda that found a rootkit. The #'s quadrupled.

Incident Status Location

Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/awtqo.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/awtsq.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/awvtt.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ddabb.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ddcyv.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/geebc.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/jkhfe.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/jkkll.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/mllmj.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/mllmm.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/mllmn.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/pmnnm.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ssqrq.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ssqrr.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ssttq.dll]
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/ssttt.dll]
Virus:Trj/Nebule.A Disinfected C:\avenger\backup.zip[avenger/winmbj32.dll]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@2o7[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[3].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.addynamix[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@as-us.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atwola[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@azjmp[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@belnk[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bluestreak[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@cgi-bin[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@com[1].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@counter.hitslink[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@drivecleaner[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ehg-dig.hitbox[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@fastclick[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@go[2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hc2.humanclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@hotlog[1].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@i.screensavers[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@landing.domainsponsor[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@maxserving[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@realmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@searchportal.information[1].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@spylog[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@statcounter[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@stats.drivecleaner[2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@statse.webtrendslive[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@toplist[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tribalfusion[1].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tucows[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.systemdoctor[1].txt
Spyware:Cookie/Virusbursters Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@www.virusbursters[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@zedo[1].txt
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\New Folder\SmitfraudFix\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\New Folder\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Possible Virus. Not disinfected C:\sUBs\TSF\swreg.exe
Possible Virus. Not disinfected C:\VundoFix Backups\vtsqr.dll.bad
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
10-Dec-2006, 01:08 PM #95
I somehow glossed over your last set of instructions. Seemingly, by far the easiest explanation ultimately was the correct one. Something I'd disabled at startup was the culprit.
Thx D
dvk01's Avatar
Moderator with 27,655 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
10-Dec-2006, 01:39 PM #96
there is nothing showing bad in the panda log

all it finds are those that have been deleted and in backup folders

if everything is OK now then

Turn off system restore by following instructions here
http://www.thespykiller.co.uk/forum/index.php?page=8
That will purge the restore folder and clear any malware that has been put in there. Then reboot & then re-enable system restore & create a new restore point.

go here http://forums.techguy.org/t208517/s.html for info on how to tighten your security settings and how to help prevent future attacks.

and pay an urgent visit to windows update & make sure you are fully updated & get the bunch of new updates that are alleged to plug the security holes that let these pests on in the first place

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 10.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.
__________________
Derek Microsoft MVP/Windows - Security Thespykiller | Security & Privacy
I am helping you, please help me by donating to help keep the Hedgehog Rescue Centre running
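
The reply above reads the Panda report by where each detection sits rather than by how many rows it has. As an added example (not part of the thread and not any scanner's own code), this Python sketch parses a few rows copied from that report and groups them by location; the `BACKUP_DIRS` list and the category names are assumptions made for illustration.

```python
import re
from collections import Counter

# Rows copied from the Panda report posted in this thread. The columns
# (Incident, Status, Location) are flattened to single spaces.
SAMPLE = r"""
Possible Virus. Not disinfected C:\avenger\backup.zip[avenger/awtqo.dll]
Virus:Trj/Nebule.A Disinfected C:\avenger\backup.zip[avenger/winmbj32.dll]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@2o7[1].txt
Possible Virus. Not disinfected C:\VundoFix Backups\vtsqr.dll.bad
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
""".strip().splitlines()

# The status keyword is the only reliable column separator in the flattened text.
ROW = re.compile(
    r"^(?P<incident>.+?)\s+(?P<status>Not disinfected|Disinfected)\s+(?P<location>.+)$")
# An archive member is recognised only when the bracket closes the line;
# cookie names such as "...@2o7[1].txt" carry brackets mid-name.
MEMBER = re.compile(r"^(?P<container>.+?)\[(?P<member>[^\[\]]+)\]$")

# Assumption: folders where the removal tools named in the thread keep
# copies of what they deleted. Adjust for the tools actually used.
BACKUP_DIRS = ("c:\\avenger\\", "c:\\vundofix backups\\")

def parse_row(line):
    """Split one report row into fields; return None for headers or noise."""
    m = ROW.match(line.strip())
    if not m:
        return None
    row = m.groupdict()
    am = MEMBER.match(row["location"])
    row["container"] = am.group("container") if am else row["location"]
    row["member"] = am.group("member") if am else None
    return row

def classify(row):
    if row["incident"].startswith("Spyware:Cookie/"):
        return "tracking_cookie"
    if row["container"].lower().startswith(BACKUP_DIRS):
        return "tool_backup"   # copy kept by a removal tool
    return "review"            # anything else needs a person to look at it

def triage(lines):
    rows = [r for r in map(parse_row, lines) if r]
    return Counter(classify(r) for r in rows), rows

if __name__ == "__main__":
    counts, rows = triage(SAMPLE)
    for r in rows:
        print(f"{classify(r):16} {r['status']:16} {r['location']}")
    print(dict(counts))
```

Rows that land in `review` are not judged either way by the script; they are the ones left for a helper to check by hand.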
Sekaidus's Avatar
Member with 96 posts.
 
Join Date: Jan 2006
Experience: Intermediate
10-Dec-2006, 05:44 PM #97
Everything does seem OK. Though I don't like the Explorer 7point setup.
dvk01's Avatar
Moderator with 27,655 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
11-Dec-2006, 02:44 AM #98
Sorry can you explain

if you don't want IE7 yet then say no when it offers it

It's not compulsory but I do recommend it as it is better than IE6 on XP & somewhat less vulnerable to many avenues of attack
All times are GMT -5.
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.