hijack this log file

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

ih8spyware22

Thread Starter
Joined
Nov 21, 2005
Messages
12
i seem to have had some spyware installed onto my computer that i cant seem to get rid of. if someone could take a look at my hijack this log file and give me some idea of what to do. i would greatly appreciate it



ogfile of HijackThis v1.99.1
Scan saved at 3:22:28 PM, on 1/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\AvidSDMService.exe
E:\Program Files\security suite\ewidoctrl.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\Program Files\Filseclab\xfilter\xfilter.exe
C:\windows\SOUNDMAN.EXE
C:\windows\ALCWZRD.EXE
C:\windows\smss.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\explorer.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
E:\Program Files\security suite\SecuritySuite.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ADMIN.COOLMOED-0SWUGL\Desktop\spyware\hijackthis\HijackThis.exe
C:\Program Files\MSN Messenger\msnmsgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [XFILTER] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Windows Session Manager Subsystem] C:\windows\smss.exe
O4 - HKLM\..\Run: [Microsoft Windows Logon Process] C:\windows\winlogon.exe
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\Office\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121228196608
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\windows\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\windows\system32\AvidStartup.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - E:\Program Files\Norton\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
 

ih8spyware22

Thread Starter
Joined
Nov 21, 2005
Messages
12
hi sorry that was a bit of a bad description, i just dont know to much about this.
i opened microsoft antispyware and immediately boxes popped up telling me to block a bunch of spyware so i did. but the only option was block i couldnt remove. i was just wondering if my hijack this file says i have anything bad, i dont know how to read it.
thanks!
 

ih8spyware22

Thread Starter
Joined
Nov 21, 2005
Messages
12
ok scanned with AVG here is the log




Logfile of HijackThis v1.99.1
Scan saved at 1:04:34 PM, on 1/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Filseclab\xfilter\xfilter.exe
C:\windows\SOUNDMAN.EXE
C:\windows\ALCWZRD.EXE
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
E:\PROGRA~1\AVGFRE~1\avgcc.exe
E:\PROGRA~1\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\AVGFRE~1\avgupsvc.exe
E:\PROGRA~1\AVGFRE~1\avgemc.exe
C:\windows\system32\AvidSDMService.exe
E:\Program Files\security suite\ewidoctrl.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\ADMIN.COOLMOED-0SWUGL\Desktop\spyware\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [XFILTER] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Windows Session Manager Subsystem] C:\windows\smss.exe
O4 - HKLM\..\Run: [Microsoft Windows Logon Process] C:\windows\winlogon.exe
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\AVGFRE~1\avgcc.exe /STARTUP
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\Office\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121228196608
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgemc.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\windows\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\windows\system32\AvidStartup.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - E:\Program Files\Norton\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
 
Joined
Sep 7, 2004
Messages
49,014
Fix these with HJT – mark them, close IE, click fix checked

O4 - HKLM\..\Run: [Microsoft Windows Session Manager Subsystem] C:\windows\smss.exe

O4 - HKLM\..\Run: [Microsoft Windows Logon Process] C:\windows\winlogon.exe

DownLoad http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

C:\windows\smss.exe
C:\windows\winlogon.exe

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

START – RUN – type in %temp% OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
 

ih8spyware22

Thread Starter
Joined
Nov 21, 2005
Messages
12
ok i did what you said. deleted those 2 files from HJT.
but when i restarted in safe mode
and tried to remove the files
C:\windows\smss.exe
C:\windows\winlogon.exe
it coudlnt find them, and i tried looking for them myself and couldnt find them

i opened run and typed in %temp% and was able to delete 4 of the files but
~DF7BF4.tmp
~DF569E.tmp
~DF803D.tmi
coudlnt be deleted...
and there was nothing in C:\Windows\Temp
so i emptied the recylce bin and restarted



here is my new log




Logfile of HijackThis v1.99.1
Scan saved at 1:40:12 PM, on 1/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Filseclab\xfilter\xfilter.exe
C:\windows\SOUNDMAN.EXE
C:\windows\ALCWZRD.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
E:\PROGRA~1\AVGFRE~1\avgcc.exe
E:\PROGRA~1\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\AVGFRE~1\avgupsvc.exe
E:\PROGRA~1\AVGFRE~1\avgemc.exe
C:\windows\system32\AvidSDMService.exe
E:\Program Files\security suite\ewidoctrl.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Program Files\Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ADMIN.COOLMOED-0SWUGL\Desktop\spyware\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [XFILTER] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\AVGFRE~1\avgcc.exe /STARTUP
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\Office\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121228196608
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - E:\PROGRA~1\AVGFRE~1\avgemc.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\windows\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\windows\system32\AvidStartup.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - E:\Program Files\Norton\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
 

ih8spyware22

Thread Starter
Joined
Nov 21, 2005
Messages
12
here are the results of the scan



-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, January 07, 2006 17:50:22
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 7/01/2006
Kaspersky Anti-Virus database records: 159428
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 61769
Number of viruses found: 2
Number of infected objects: 3
Number of suspicious objects: 1
Duration of the scan process: 4021 sec

Infected Object Name - Virus Name
C:\System Volume Information\_restore{75EF8429-FAC4-42D3-9856-A51E6ED77145}\RP155\A0036879.exe Suspicious: Trojan-Spy.Win32.Sters.f
C:\System Volume Information\_restore{75EF8429-FAC4-42D3-9856-A51E6ED77145}\RP156\A0036895.exe Infected: Trojan-Downloader.Win32.Small.cbf
C:\System Volume Information\_restore{75EF8429-FAC4-42D3-9856-A51E6ED77145}\RP170\A0037331.exe Infected: Trojan-Downloader.Win32.Small.cbf
C:\System Volume Information\_restore{75EF8429-FAC4-42D3-9856-A51E6ED77145}\RP170\A0037337.exe Infected: Trojan-Downloader.Win32.Small.cbf

Scan process completed.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top