Solved: A Big Huge PROBLEM, Help please.Thanxs

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.
H

HappyAss

Thread Starter
Joined
Apr 23, 2004
Messages
73
Okay, I scanned my computer with adware, It came up with some spyware etc, but i got rid of them, I scanned my pc with pc cilling it came up with 0 infect files etc. i scanned my computer with panda soft it came up with some, aprently they were suppose to be deleated, well okay, nothing still worked. i scanned my computer with hjt and it didnt come up with anything to bad i guess, but then i scanned with bit defender and well all hell broke loose you myswell say, okay and now it wont let me get rid of any of the files,why someone help im so fusterated

here is my log from bit defender. :( :confused:

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079125.exe
Infected with: GenPack:Trojan.Downloader.Dyfuca.EI

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079125.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079125.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079130.exe
Infected with: Trojan.Downloader.Istbar.JM

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079130.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079130.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079132.exe
Infected with: Trojan.Downloader.Istbar.GI

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079132.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079132.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079137.dll
Infected with: Trojan.Isbar.294

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079137.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0079137.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083257.exe
Infected with: Trojan.Downloader.Istbar.GI

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083257.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083257.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083267.exe
Infected with: Trojan.Downloader.IstBar.JM

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083267.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083302.exe
Infected with: GenPack:Trojan.Downloader.Dyfuca.EI

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083302.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083302.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083318.dll
Infected with: Trojan.Isbar.294

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083318.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP112\A0083318.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP116\A0089415.exe
Infected with: Trojan.Downloader.Small.ASF

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP116\A0089415.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP116\A0089415.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0095432.exe
Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0095432.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0095432.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097491.exe
Infected with: Trojan.Dropper.Agent.GZ

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097491.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097491.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097492.dll
Infected with: Trojan.Spy.Qukart.S

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097492.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097493.dll
Infected with: Trojan.Spy.Qukart.S

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0097493.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100514.exe
Infected with: Trojan.Downloader.Small.AXH

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100514.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100514.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100516.exe
Infected with: Trojan.Dropper.Agent.HG

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100516.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100516.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100523.exe=>(NSIS o)=>zlib_nsis0001
Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100523.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100523.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100523.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100526.exe
Infected with: Worm.Winad.40448.A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100526.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100526.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100527.dll
Infected with: Trojan.Winad.65024.DLL

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100527.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100527.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100528.exe
Infected with: Trojan.Winad.18035.A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100528.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100528.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100529.exe
Infected with: Trojan.Downloader.VB.DF

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100529.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100529.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100530.exe
Infected with: Trojan.Dropper.Small.QN

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100530.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100530.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100531.exe
Detected with: Adware.Prevad.A.Dropper

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0100531.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102562.ocx
Infected with: Trojan.Downloader.Agent.MT

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102562.ocx
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102562.ocx
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102563.exe
Infected with: Trojan.Downloader.1959.A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102563.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102563.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102571.exe
Detected with: Adware.Prevad.A.Dropper

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102571.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102573.exe
Infected with: Worm.Winad.40448.A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102573.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102573.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102574.dll
Infected with: Trojan.Winad.65024.DLL

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102574.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102574.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102575.exe
Infected with: Trojan.Winad.18035.A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102575.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102575.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102576.exe
Infected with: Trojan.Downloader.VB.DF

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102576.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102576.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102577.ocx
Infected with: Trojan.Downloader.Agent.MT

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102577.ocx
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102577.ocx
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102579.exe
Infected with: GenPack:Trojan.Downloader.Dyfuca.EI

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102579.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102579.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102580.exe
Infected with: Trojan.Downloader.IstBar.JM

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102580.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102581.exe
Infected with: Trojan.Dropper.Small.QN

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102581.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102581.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102586.exe=>(NSIS o)=>zlib_nsis0001
Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102586.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102586.exe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP117\A0102586.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000708.exe
Detected with: Adware.Swizzor.ML

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000708.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000708.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000710.exe
Infected with: Trojan.Downloader.Swizzor.CA

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000710.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000710.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000711.exe
Infected with: Trojan.Downloader.Swizzor.CB

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000711.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000711.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000713.exe
Infected with: Trojan.Downloader.Swizzor.BO

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000713.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000753.exe
Infected with: Trojan.Lopad.C

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000753.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP38\A0000753.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002151.exe
Infected with: Backdoor.Radmin.J

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002151.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002151.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002153.exe
Infected with: Backdoor.RBot.71600C9C

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002153.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002155.exe
Infected with: Trojan.Dropper.Agent.GZ

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002155.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002155.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002156.exe
Infected with: Trojan.Downloader.Small.AFQ

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002156.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002157.exe
Infected with: Backdoor.RBot.CFF67EB2

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002157.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002159.exe
Infected with: Trojan.Dropper.Agent.GZ

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002159.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002159.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002160.exe
Infected with: Backdoor.RBot.71600C9C

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002160.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002161.exe
Infected with: Trojan.Downloader.Small.AOQ

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002161.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002162.exe
Infected with: Backdoor.RBot.BC80212A

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP55\A0002162.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046040.exe
Infected with: Trojan.Pakes.AG

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046040.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046040.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046041.dll
Infected with: Trojan.Pakes.AH

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046041.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP81\A0046041.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046057.dll
Infected with: Trojan.Pakes.AC

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046057.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046057.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046058.dll
Infected with: Trojan.Pakes.AF

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046058.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046058.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046060.exe
Infected with: Trojan.Pakes.AL

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046060.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046060.exe
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046061.dll
Infected with: Trojan.Pakes.AE

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046061.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046061.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046062.dll
Infected with: Trojan.Pakes.AD

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046062.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046062.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046115.dll
Infected with: Trojan.Downloader.Small.AMG

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046115.dll
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046115.dll
Deleted

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046116.exe
Infected with: Trojan.Dropper.Agent.HH

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046116.exe
Disinfection failed

C:\System Volume Information\_restore{4CC1889C-FEBC-49D9-8B39-1B257B6909FD}\RP82\A0046116.exe
Deleted

C:\WINDOWS\system32\.pif
Infected with: Backdoor.BotGet.FtpB.Gen

C:\WINDOWS\system32\.pif
Deleted

C:\WINDOWS\system32\pro.exe
Infected with: Trojan.Statblasterad.C

C:\WINDOWS\system32\pro.exe
Disinfection failed

C:\WINDOWS\system32\pro.exe
Deleted
 
K

khazars

Joined
Feb 15, 2004
Messages
12,302
hi, welcome to TSG.

Download hijack this from the link below.Please do this. Click here:

http://www.thespykiller.co.uk/files/hijackthis_sfx.exe

to download HijackThis. Click scan and save a logfile, then post it here so
we can take a look at it for you. Don't click fix on anything in hijack this
as most of the files are legitimate.

don't worry, they're in system restore so they aint going anywhere!




you should now turn off system restore to flush out the bad restore points and
then re-enable it and make a new clean restore point.


How to turn off system restore

http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam


http://support.microsoft.com/default.aspx?scid=kb;[LN];310405
 
H

HappyAss

Thread Starter
Joined
Apr 23, 2004
Messages
73
Logfile of HijackThis v1.99.1
Scan saved at 1:10:25 PM, on 7/16/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gatewaybiz.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\adwarealert.Exe -boot
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - Global Startup: palstart.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c9.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: DIGCFFBG - {6381290F-4EB7-0EB2-4018-0B54310678AB} - C:\WINDOWS\System32\Jefnpjdj.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
 
K

khazars

Joined
Feb 15, 2004
Messages
12,302
go to add/remove and uninstall SurfSideKick 3, AdwareAlert and Media Gateway, delete their folders from C:\program files.


download ccleaner

http://www.ccleaner.com/


* Install CCleaner
* Launch CCleaner and look in the upper right corner and click on the "Options" button.
* Click "Advanced" and remove the check by "Only delete files in Windows temp folders older than 48 hours".
* Click OK
* Do not run CCleaner yet. You will run it later in safe mode.




Download the pocket killbox

http://www.bleepingcomputer.com/files/killbox.php



have hijack this fix these entries. close all browsers and programmes before
clicking FIX.

O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\adwarealert.Exe -boot
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O21 - SSODL: DIGCFFBG - {6381290F-4EB7-0EB2-4018-0B54310678AB} - C:\WINDOWS\System32\Jefnpjdj.dll (file missing)

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill.
In the Full Path of File to Delete box, copy and paste each of the following
lines one at a time then click on the button that has the red circle with the
X in the middle after you enter each file. It will ask for confirmation to
delete the file. Click Yes. Continue with that same procedure until you have
copied and pasted all of these in the Paste Full Path of File to Delete box.



Note: It is possible that Killbox will tell you that one or more files do not
exist. If that happens, just continue on with all the files. Be sure you
don't miss any.



C:\WINDOWS\pxwma.dll
C:\Program Files\Media Gateway\MediaGateway.exe
C:\Program Files\SurfSideKick 3\Ssk.exe
C:\Program Files\AdwareAlert\adwarealert.Exe
%windir%\bdoscandel.exe


Exit the Killbox.




* Download the trial version of Ewido Security Suite here


http://www.ewido.net/en/

* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.



* Click here for info on how to boot to safe mode if you don't already know
how.


How to boot to safe mode

http://service1.symantec.com/SUPPOR...2001052409420406?OpenDocument&src=sec_doc_nam


* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in
safe mode:


* Run Ewido:

* Click on scanner
* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop



Now run ccleaner.


post another log and the ewido log
 
H

HappyAss

Thread Starter
Joined
Apr 23, 2004
Messages
73
Ok aprently these files do not exist.

C:\WINDOWS\pxwma.dll
C:\Program Files\Media Gateway\MediaGateway.exe
C:\Program Files\SurfSideKick 3\Ssk.exe
C:\Program Files\AdwareAlert\adwarealert.Exe
%windir%\bdoscandel.exe


hjt log:

Logfile of HijackThis v1.99.1
Scan saved at 5:26:09 PM, on 7/16/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Owner\My Documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gatewaybiz.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - Global Startup: palstart.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c9.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS

ewido log :

ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:20:34 PM, 7/16/2005
+ Report-Checksum: 1542EBC9

+ Scan result:

HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Spyware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\motoin -> Spyware.Delfin : Cleaned with backup
C:\CABS\Internet\AOL\comps\coach\aolcinst.exe/.\Data\player\aolnysev.exe -> Heuristic.Win32.Hijacker1 : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\zr7u8iks.slt\cookies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[2].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@linksynergy[1].txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@overture[2].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive[1].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Cleaned with backup
 
K

khazars

Joined
Feb 15, 2004
Messages
12,302
clean log.



you should now turn off system restore to flush out the bad restore points and
then re-enable it and make a new clean restore point.


How to turn off system restore

http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam


http://support.microsoft.com/default.aspx?scid=kb;[LN];310405



here's some free tools to keep you from getting infected in the future.


to stop reinfection get these two tools, spywareguard and spywareblaster
from

www.javacoolsoftware.com


get the hosts file from here.

put it into :


Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98\ME = C:\WINDOWS

http://www.mvps.org/winhelp2002/hosts.htm


ie-spyad.Puts over 5000 sites in your restricted zone so you'll be protected

when you visit innocent-looking sites that aren't actually innocent at all.

https://netfiles.uiuc.edu/ehowes/www/resource.htm



http://www.winpatrol.com/winpatrol.html


prevX: it stops spyware

http://www.prevx.com/prevxhome.asp


Use spybot's immunize button and use spywareblaster' enable
protection once you update it. you can put spybot's hosts file into
your own and lock it. Plus you can also turn on spybot's tea timer
for added protection against pests.

I would also suggest switching to Mozilla's firefox browser, it's safer, has a built in pop up blocker, blocks cookies and adds.

http://www.mozilla.org/


Read here to see how to tighten your security:

http://forums.techguy.org/t208517.html


A good overall guide for firewalls, anti-virus, and anti-trojans as well as
regular spyware cleaners.

http://www.firewallguide.com/anti-trojan.htm



you can mark your own thread solved through thread tools at the top of
the page.
 
H

HappyAss

Thread Starter
Joined
Apr 23, 2004
Messages
73
Thanks for your help and patients, the computer works alot better now, you guys are awsome.
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Total: 308 (members: 11, guests: 297)
Top