How do I get rid of Tesllar A? Is it a Trojan?

Discussion in 'Virus & Other Malware Removal' started by AMD25, Jul 12, 2007.

Thread Status:
Not open for further replies.
  1. AMD25

    AMD25 Thread Starter

    Joined:
    Jul 12, 2007
    Messages:
    1
    I am posting my hijackthis log below. Can anyone help?

    OS: Windows XP

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/12/2007 at 01:13 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3259
    Trace Rules Database Version: 1270

    Scan type : Quick Scan
    Total Scan Time : 00:20:26

    Memory items scanned : 427
    Memory threats detected : 3
    Registry items scanned : 799
    Registry threats detected : 51
    File items scanned : 14408
    File threats detected : 295

    Adware.webHancer
    C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WEBHDLL.DLL
    C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WEBHDLL.DLL
    SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
    SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
    SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000034
    C:\Program Files\WEBHANCER\Programs\sporder.dll
    C:\Program Files\WEBHANCER\Programs\whagent.exe
    C:\Program Files\WEBHANCER\Programs\whiehlpr.dll
    C:\Program Files\WEBHANCER\Programs\whinstaller.exe
    C:\Program Files\WEBHANCER\Programs
    C:\Program Files\WEBHANCER

    Trojan.Update-Mcboo
    C:\PROGRAM FILES\COMMON FILES\{10155A79-0AE5-1033-1222-030429200001}\UPDATE.EXE
    C:\PROGRAM FILES\COMMON FILES\{10155A79-0AE5-1033-1222-030429200001}\UPDATE.EXE

    Trojan.Unknown Origin
    C:\PROGRAM FILES\COMMON FILES\{10155A79-0AE5-1033-1222-030429200001}\SYSTEM.DLL
    C:\PROGRAM FILES\COMMON FILES\{10155A79-0AE5-1033-1222-030429200001}\SYSTEM.DLL
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\B129.EXE

    Unclassified.Unknown Origin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\InprocServer32
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\InprocServer32#ThreadingModel
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\ProgID
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\Programmable
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\TypeLib
    HKCR\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}\VersionIndependentProgID
    C:\PROGRAM FILES\WINBUDGET\BIN\MATRIX.DLL

    Adware.Viewpoint Toolbar
    HKLM\Software\Microsoft\Internet Explorer\Toolbar#{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\InProcServer32
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\InProcServer32#ThreadingModel
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\ProgID
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\Programmable
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\TypeLib
    HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\VersionIndependentProgID
    HKCR\ViewBar.ViewBar.1
    HKCR\ViewBar.ViewBar.1\CLSID
    HKCR\ViewBar.ViewBar
    HKCR\ViewBar.ViewBar\CLSID
    HKCR\ViewBar.ViewBar\CurVer
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\0
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\0\win32
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\FLAGS
    HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\HELPDIR
    C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL

    Adware.Tracking Cookie

    Adware.Apropos Media
    C:\WINDOWS\system32\auto_update_uninstall.log

    Adware.Sandboxer (MemoryWatcher)
    C:\Program Files\MemoryWatcher\EULA.URL
    C:\Program Files\MemoryWatcher

    Adware.Starware
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindIt.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindItHot.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\findithotxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\finditxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\Highlight.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlighthotxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlightxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\logo.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\Reference.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencehotxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencexp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaver.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\Screensavers0.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\Weather.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherhotxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherxp.png
    C:\Documents and Settings\All Users\Application Data\Starware\buttons
    C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml
    C:\Documents and Settings\All Users\Application Data\Starware\contexts\related.xml
    C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml
    C:\Documents and Settings\All Users\Application Data\Starware\contexts
    C:\Documents and Settings\All Users\Application Data\Starware\images\walertXP.bmp
    C:\Documents and Settings\All Users\Application Data\Starware\images
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup
    C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate
    C:\Documents and Settings\All Users\Application Data\Starware

    Adware.Toolbar888
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar#UninstallString

    Adware.ClearSearch
    C:\Program Files\ClearSearch\control.dat
    C:\Program Files\ClearSearch\csie_checks.dat
    C:\Program Files\ClearSearch\csie_dictionaryd.dat
    C:\Program Files\ClearSearch\csie_edomains.dat
    C:\Program Files\ClearSearch\csie_idomainsd.dat
    C:\Program Files\ClearSearch\csie_patterns.dat
    C:\Program Files\ClearSearch\csie_rules.dat
    C:\Program Files\ClearSearch\csie_srchrule.dat
    C:\Program Files\ClearSearch

    Adware.ClickSpring/Yazzle
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#UninstallString
    HKLM\Software\Cowabanga
    C:\Program Files\Cowabanga\Cowabanga.exe
    C:\Program Files\Cowabanga\License.txt
    C:\Program Files\Cowabanga\uninstaller.exe
    C:\Program Files\Cowabanga

    Adware.IPWins
    C:\Program Files\ipwindows\ipwins.dll
    C:\Program Files\ipwindows\ipwins.exe
    C:\Program Files\ipwindows\UnInstall.exe
    C:\Program Files\ipwindows
    C:\RECYCLER\S-1-5-21-2079678237-3579277873-2178953646-1005\DC77\IPWINS.EXE

    Malware.DriveCleaner
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}#SystemComponent
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}#Installer
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\Contains
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\Contains\Files
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\Contains\Files#C:\WINDOWS\Downloaded Program Files\UDC6_0001_D19M1908NetInstaller.exe
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\Contains\Files#C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D19M1908NetInstaller.exe
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\DownloadInformation
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\DownloadInformation#CODEBASE
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\DownloadInformation#INF
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\InstalledVersion
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6}\InstalledVersion#LastModified
    C:\Program Files\Common Files\DriveCleaner 2006 Free\bak\udcpas.exe
    C:\Program Files\Common Files\DriveCleaner 2006 Free\bak\udcsdr.exe
    C:\Program Files\Common Files\DriveCleaner 2006 Free\bak
    C:\Program Files\Common Files\DriveCleaner 2006 Free
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\UDC6_0001_D19M2808\INSTALLER.EXE

    Trojan.Freeprod
    C:\DOCUMENTS AND SETTINGS\USER\DESKTOP\02.EXE

    Trojan.SpySheriff
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\1168966630CGXBA.EXE

    Trojan.Downloader-Gen/Installer
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\B103.EXE
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\B104.EXE
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\B136.EXE

    Unclassified.Unknown Origin/System
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\B116.EXE

    Adware.WildMedia/WinFetcher
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\EFLNQCWKO.EXE

    TargetSaver, Inc. Process
    C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\TSUPDATE_4_0_4_1_B3.EXE
    C:\WINDOWS\SYSTEM32\TSUNINST.EXE

    Trojan.Rootkit-TnCore
    C:\WINDOWS\SYSTEM32\DRIVERS\CORE.SYS

    Trojan.Downloader-Gen/Win
    C:\WINDOWS\SYSTEM32\UNSVCHOSTS.LZMA
     
  2. Frank4d

    Frank4d Retired Trusted Advisor

    Joined:
    Sep 10, 2006
    Messages:
    9,126
    I am surprised it still runs. I have asked Mods to move this to the Security Forum where you will get help.
     
  3. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Run SAS again since you had so much and then post a hijack log


    Click here to download HJTInstall.exe
    • Save HJTInstall.exe to your desktop.
    • Double-click on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis.
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     

Short URL to this thread: https://techguy.org/595076
