Solved: Having a small problem


Smokes's Avatar
Senior Member with 227 posts.
 
Join Date: May 2006
Location: Michigan
Experience: Intermediate
15-May-2008, 02:36 PM #16
ty for the help, here's the logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:34:13 PM, on 5/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\acs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dan Cox\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Program Files\ICOO Loader\addons\icooue.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Program Files\ICOO Loader\addons\icoou.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanc...instmodule.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://myspotismine.spaces.msn.com//...d/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1156535440453
O16 - DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} (SkyFex Expert Object) - https://skyfex.com/download/SkyFexExpert.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {A609CB6E-FEB5-47C3-966C-1B916842BD01} (Nlopflash Class) - http://poker.nlop.com/poker/PokerCreations.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F84E0B64-1E86-4640-8094-5B38CEB28C1E} (SkyFex Client Object) - https://skyfex.com/download/SkyFexClient.cab
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VET Message Service (VETMSGNT) - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe (file missing)

--
End of file - 7656 bytes


KASPERSKY ONLINE SCANNER REPORT
Thursday, May 15, 2008 2:33:12 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/05/2008
Kaspersky Anti-Virus database records: 773829
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 235416
Number of viruses found 17
Number of infected objects 58
Number of suspicious objects 0
Duration of the scan process 02:56:19

Infected Object Name Virus Name Last Action
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker.zip/Bux.to_Auto_Clicker.exe Infected: Trojan-Clicker.Win32.Agent.abf skipped
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker.zip ZIP: infected - 1 skipped
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker2.0.exe Infected: Trojan-Clicker.Win32.Agent.abf skipped
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker2.0.zip/Bux.to_Auto_Clicker2.0.exe Infected: Trojan-Clicker.Win32.Agent.abf skipped
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker2.0.zip ZIP: infected - 1 skipped
C:\crackingstuff\AFC\AFC\AFC.exe Infected: Backdoor.Win32.VB.cus skipped
C:\crackingstuff\AFC.zip/AFC/AFC.exe Infected: Backdoor.Win32.VB.cus skipped
C:\crackingstuff\AFC.zip ZIP: infected - 1 skipped
C:\crackingstuff\Hackahoo-Ultimate-Crack-Gear-3.2-Full\Hackahoo Ultimate Crack Gear 3.2 Full\Hackahoo Ultimate Crack Gear 3.2 Demo.exe Infected: Virus.Win32.Alman.b skipped
C:\crackingstuff\Hackahoo-Ultimate-Crack-Gear-3.2-Full.zip/Hackahoo Ultimate Crack Gear 3.2 Full/Hackahoo Ultimate Crack Gear 3.2 Demo.exe Infected: Virus.Win32.Alman.b skipped
C:\crackingstuff\Hackahoo-Ultimate-Crack-Gear-3.2-Full.zip ZIP: infected - 1 skipped
C:\crackingstuff\IMG ****ing Cracker.exe Infected: HackTool.Win32.VB.uk skipped
C:\crackingstuff\infocrackerv6.zip/infocracker/Info Cracker.exe Infected: HackTool.Win32.VB.mn skipped
C:\crackingstuff\infocrackerv6.zip ZIP: infected - 1 skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi/Instal01.cab/_F6241207262C4CA1BB01C06019C8A6A3 Infected: HackTool.Win32.VB.ml skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi/Instal01.cab/PO1_5CFACF00F4B14A85B2ED2C6BAB3CA76A_B8C47A00B8EF46FC82BF55BEE3CBFC06 Infected: HackTool.Win32.VB.mm skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi/Instal01.cab/_369F071CA14F4BC4BB2DB9C248CDFF86 Infected: HackTool.Win32.VB.mj skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi/Instal01.cab/_448903B6C7484A7A81F2E035BCFB07E7 Infected: HackTool.Win32.VB.mi skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi/Instal01.cab Infected: HackTool.Win32.VB.mi skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip/RuntimeInstaller.msi Infected: HackTool.Win32.VB.mi skipped
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip ZIP: infected - 6 skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Charon\CACHE.NDB Object is locked skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Logs\epfwlog.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Logs\virlog.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Logs\warnlog.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Documents\Windows Vista Activator + vista key.rar/Windows Vista Activator + vista key/Windows Vista Activator.exe/data0000.cab/active.exe Infected: Trojan-Spy.Win32.BZub.brl skipped
C:\Documents and Settings\All Users\Documents\Windows Vista Activator + vista key.rar/Windows Vista Activator + vista key/Windows Vista Activator.exe/data0000.cab Infected: Trojan-Spy.Win32.BZub.brl skipped
C:\Documents and Settings\All Users\Documents\Windows Vista Activator + vista key.rar/Windows Vista Activator + vista key/Windows Vista Activator.exe Infected: Trojan-Spy.Win32.BZub.brl skipped
C:\Documents and Settings\All Users\Documents\Windows Vista Activator + vista key.rar RAR: infected - 3 skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\cert8.db Object is locked skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\history.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\key3.db Object is locked skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\parent.lock Object is locked skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Dan Cox\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Dan Cox\awc_Smokes\log.txt Object is locked skipped
C:\Documents and Settings\Dan Cox\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Dan Cox\Desktop\SmitfraudFix.exe/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Dan Cox\Desktop\SmitfraudFix.exe RAR: infected - 1 skipped
C:\Documents and Settings\Dan Cox\Desktop\[38]-Submit_2008-05-11@22.51.zip/kol.dll Infected: Trojan-Downloader.Win32.Peregar.cp skipped
C:\Documents and Settings\Dan Cox\Desktop\[38]-Submit_2008-05-11@22.51.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Dan Cox\Desktop\[38]-Submit_2008-05-14@8.35.zip/Suspect_b2new.exe.vir Infected: Trojan-Downloader.Win32.Agent.otg skipped
C:\Documents and Settings\Dan Cox\Desktop\[38]-Submit_2008-05-14@8.35.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Application Data\Mozilla\Firefox\Profiles\mzuutpfi.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Temp\hsperfdata_Dan Cox\1824 Object is locked skipped
C:\Documents and Settings\Dan Cox\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\ntuser.dat Object is locked skipped
C:\Documents and Settings\Dan Cox\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-14.16-15-30.log Object is locked skipped
C:\Program Files\ARES\areszip\areszip.zip/areszip/uninstall.exe Infected: not-a-virus:AdTool.Win32.WhenU.l skipped
C:\Program Files\ARES\areszip\areszip.zip ZIP: infected - 1 skipped
C:\Program Files\ARES\areszip\uninstall.exe Infected: not-a-virus:AdTool.Win32.WhenU.l skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe/data0000.cab/unins000.exe/data0000.cab/UNINS0~1.EXE Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe/data0000.cab/unins000.exe/data0000.cab Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe/data0000.cab/unins000.exe Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe/data0000.cab Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe Rsrc-Package: infected - 4 skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar/Super Internet TV v7.2 Full + Crack/onlinetv7.2.exe/data0000.cab/unins000.exe/data0000.cab/UNINS0~1.EXE Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar/Super Internet TV v7.2 Full + Crack/onlinetv7.2.exe/data0000.cab/unins000.exe/data0000.cab Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar/Super Internet TV v7.2 Full + Crack/onlinetv7.2.exe/data0000.cab/unins000.exe Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar/Super Internet TV v7.2 Full + Crack/onlinetv7.2.exe/data0000.cab Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar/Super Internet TV v7.2 Full + Crack/onlinetv7.2.exe Infected: Trojan.Win32.Monder.gen skipped
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar RAR: infected - 5 skipped
C:\Program Files\Puddys-World\Runtime Installer\Runtime Installer.exe Infected: HackTool.Win32.VB.mm skipped
C:\QooBox\Quarantine\C\WINDOWS\b2new.exe.vir Infected: Trojan-Downloader.Win32.Agent.otg skipped
C:\QooBox\Quarantine\C\WINDOWS\default.htm.vir Infected: not-virus:Hoax.HTML.Secureinvites.b skipped
C:\QooBox\Quarantine\C\WINDOWS\lfn.exe.vir Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\urqOIyxW.dll.vir Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wmsdkns.exe.vir Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP123\A0024475.exe Infected: Trojan-Clicker.Win32.Agent.abf skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP139\A0037090.exe/data0000.cab/is152854.exe Infected: Trojan.Win32.Monder.gen skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP139\A0037090.exe/data0000.cab/_launcher.exe Infected: Trojan-Clicker.MSIL.Xone.r skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP139\A0037090.exe/data0000.cab/_1.exe Infected: Trojan.Win32.Monder.gen skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP139\A0037090.exe/data0000.cab Infected: Trojan.Win32.Monder.gen skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP139\A0037090.exe Rsrc-Package: infected - 4 skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP140\A0037595.exe Object is locked skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP140\A0037596.exe Object is locked skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP140\A0037598.dll Object is locked skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP145\A0038305.exe Infected: Trojan-Downloader.Win32.Agent.otg skipped
C:\System Volume Information\_restore{CF8A54B3-00DE-4AA7-AEA8-9EB54C29EA21}\RP145\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SEA9BC562.tmp Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\Puddys-World Updater.exe Infected: HackTool.Win32.VB.ml skipped
C:\WINDOWS\system32\PuddySerialLib.dll Infected: HackTool.Win32.VB.mi skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Attached Files
File Type: txt combolog.txt (11.0 KB, 71 views)
dvk01's Avatar
Moderator with 24,386 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
15-May-2008, 06:12 PM #17
delete all these

C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker.zip
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker2.0.exe
C:\Bux.to_Auto_Clicker2.0\Bux.to_Auto_Clicker2.0.zip
C:\crackingstuff\AFC\AFC\AFC.exe
C:\crackingstuff\AFC.zip
C:\crackingstuff\Hackahoo-Ultimate-Crack-Gear-3.2-Full\Hackahoo Ultimate Crack Gear 3.2 Full\Hackahoo Ultimate Crack Gear 3.2 Demo.exe
C:\crackingstuff\Hackahoo-Ultimate-Crack-Gear-3.2-Full.zip
C:\crackingstuff\IMG ****ing Cracker.exe
C:\crackingstuff\infocrackerv6.zip
C:\crackingstuff\PuddysOrginalRuntimeInstaller.zip
C:\Documents and Settings\All Users\Documents\Windows Vista Activator + vista key.rar
C:\Program Files\ARES\areszip\areszip.zip
C:\Program Files\ARES\areszip\uninstall.exe
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack\Super Internet TV v7.2 Full + Crack\onlinetv7.2.exe
C:\Program Files\Azureus\Super Internet TV v7.2 Full + Crack.rar
C:\Program Files\Puddys-World\Runtime Installer\Runtime Installer.exe
C:\WINDOWS\system32\Puddys-World Updater.exe
C:\WINDOWS\system32\PuddySerialLib.dll

the one with the **** has been got by the swear filter but I am sure you can work out which one it is


using P2P & cracks is extremely dangerous as you have now found out
__________________
Derek
Microsoft MVP/Windows - Security
For help with spyware or hijackers thespykiller

please help me by donating to help keep the Hedgehog Rescue Centre running
We Care about Animals and the Environment
Smokes's Avatar
Senior Member with 227 posts.
 
Join Date: May 2006
Location: Michigan
Experience: Intermediate
16-May-2008, 12:03 AM #18
I know what they are and what they do. Ty for your help, I'm marking this as solved.
dvk01's Avatar
Moderator with 24,386 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
16-May-2008, 04:11 AM #19
now it seems clean
*Follow these steps to uninstall Combofix and tools used in the removal of malware*
* Click *START* then *RUN*
* Now type *Combofix /u* in the runbox and click *OK*. Note the *space* between the *X* and the *U*, it needs to be there.


then
Turn off system restore by following instructions here
for XP http://www.thespykiller.co.uk/index.php?page=8
or for Vista http://www.bleepingcomputer.com/tuto...torial143.html

That will purge the restore folder and clear any malware that has been put in there. Then reboot & then re-enable system restore & create a new restore point. Now Empty Recycle bin on desktop

go here http://www.thespykiller.co.uk/index.php?page=3 for info on how to tighten your security settings and how to help prevent future attacks.

and scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer

Then pay an urgent visit to Windows Update & make sure you are fully updated; that will help to plug the security holes that let these pests on in the first place.
Smokes's Avatar
Senior Member with 227 posts.
 
Join Date: May 2006
Location: Michigan
Experience: Intermediate
16-May-2008, 03:37 PM #20
ok thanks a lot for the help