Re: My Malware
Forgot to include this report from ActiveScan. Thanks!
Incident Status Location
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\ftocwdxy.dll
Adware:Adware/Zenosearch Not disinfected c:\windows\system32\nwinqmdt.exe
Virus:Trj/Spamta.ABL Disinfected Operating system
Adware:Adware/Zenosearch Not disinfected c:\windows\system32\lpdsrngm.exe
Virus:Trj/Downloader.PJT Disinfected Operating system
Virus:Trj/Downloader.PCQ Disinfected Operating system
Virus:Generic Malware Disinfected Operating system
Virus:Trj/Downloader.MDW Disinfected Operating system
Adware:Adware/TTC Not disinfected C:\Program Files\Common Files\hoketoz5555.dll
Virus:Generic Malware Disinfected Operating system
Adware:Adware/DigInk Not disinfected C:\WINDOWS\g4356cbvy63.exe
Virus:Trj/Passtealer.ED Disinfected Operating system
Adware:adware/commad Not disinfected c:\windows\system32\atmtd.dll
Adware:adware/sqwire Not disinfected Windows Registry
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_classes_root\clsid\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Adware:adware/statblaster Not disinfected Windows Registry
Adware:Adware/Yazzle Not disinfected C:\1BF.tmp[¦++\Yazzle1552OinAdmin.exe]
Virus:Trj/Downloader.MDW Not disinfected C:\1C1.tmp[BndDrive.dll]
Virus:Trj/Downloader.PNC Disinfected C:\1C4.tmp
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Guest\Cookies\guest@fastclick[1].txt
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Adware:Adware/Zenosearch Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun2.exe
Possible Virus. Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun8.exe
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Possible Virus. Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun17.exe
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Adware:Adware/Zenosearch Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun3.exe
Adware:Adware/Zenosearch Not disinfected C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun4.exe
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@adrevolver[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@atdmt[2].txt
Spyware:Cookie/nCase Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@banners.searchingbooth[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@bravenet[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@burstnet[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@c5.zedo[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@casalemedia[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@com[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@counter1.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@counter13.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@counter3.sextracker[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@drivecleaner[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@fastclick[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@hotlog[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@overture[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@searchportal.information[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@server.iad.liveperson[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@sextracker[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@stats.drivecleaner[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@tribalfusion[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@www.drivecleaner[2].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@www.myaffiliateprogram[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@yadro[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Thomas Barrie\Cookies\thomas_barrie@zedo[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temp\Cookies\thomas barrie@adrevolver[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temp\Cookies\thomas barrie@cgi-bin[1].txt
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temp\Morpheus532_b1062.exe[mymorpheusToolbar.exe]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temp\Morpheus54_b1088.exe[mymorpheusToolbar.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\34RG04VQ\nauj_20070726[1]
Virus:Trj/Downloader.PCQ Disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\3P0NINLO\adfcook[1]
Hacktool:Exploit/MS06-006 Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\3P0NINLO\movie[1].qtl
Adware:Adware/CWS Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\8ABPL67P\83122[1].exe
Adware:Adware/TTC Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\8ABPL67P\tk58[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\8ABPL67P\_affvm[1]
Virus:Trj/Downloader.PJT Disinfected C:\Documents and Settings\Thomas Barrie\Local Settings\Temporary Internet Files\Content.IE5\IOK6LPNC\kcehc_eicooc20070702[1]
Adware:Adware/Yazzle Not disinfected C:\Program Files\Common Files\Yazzle1552OinAdmin.exe
Adware:Adware/Yazzle Not disinfected C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
Virus:Generic Malware Disinfected C:\Program Files\ComPlus Applications\lavunabiq.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq356.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq460.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq509.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq828.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq978.dll
Virus:Generic Malware Disinfected C:\Program Files\Internet Explorer\lavunabiq993.dll
Virus:Trj/Downloader.MDW Disinfected C:\Program Files\ISM\BndDrive.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Morpheus\morpheustoolbar.exe
Adware:Adware/OuterInfo Not disinfected C:\Program Files\Outerinfo\OinUninstall.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\RECYCLER\S-1-5-21-359194424-2608733597-1854331037-1005\Dc182.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\RECYCLER\S-1-5-21-359194424-2608733597-1854331037-1005\Dc183.exe
Adware:Adware/Winpopup Not disinfected C:\WINDOWS\b122.exe
Virus:Trj/Downloader.PLQ Disinfected C:\WINDOWS\b138.exe
Adware:Adware/NSISMedia Not disinfected C:\WINDOWS\Setup167.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Adware:Adware/DollarRevenue Not disinfected C:\WINDOWS\system32\atmtd.dll._
Spyware:Cookie/Humanclick Not disinfected C:\WINDOWS\system32\config\systemprofile\Cookies\system@hc2.humanclick[1].txt
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\534B9DT6\Setup155[1].exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\534B9DT6\Setup155[1].exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\534B9DT6\Setup155[1].exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\534B9DT6\Setup155[1].exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Adware:Adware/CWS Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9GELMECV\83122[1].exe
Virus:Trj/Downloader.PNC Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9GELMECV\bass[1].exe[w71.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9GELMECV\bass[1].exe[rr25.exe]
Adware:Adware/Zenosearch Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9GELMECV\bass[1].exe[x55.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9GELMECV\is67718[1].exe
Adware:Adware/TTC Not disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9SNRJ2OD\TTC-5555[1].exe
Virus:Trj/Downloader.PNC Disinfected C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SKXAQRJH\wr-1-361[1].exe
Virus:Generic Malware Disinfected C:\WINDOWS\system32\drivers\core.sys
Adware:Adware/Zenosearch Not disinfected C:\WINDOWS\system32\dwdsrngt.exe
Virus:Generic Malware Disinfected C:\WINDOWS\system32\hblbdnun\hblbdnun1.exe
Virus:Trj/Clicker.WM Disinfected C:\WINDOWS\system32\hblbdnun\hblbdnun2.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\Setup155.exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\Setup155.exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\system32\Setup155.exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\WINDOWS\system32\Setup155.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Virus:Trj/Passtealer.ED Disinfected C:\WINDOWS\system32\tuvvusr.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\vknmfgfw.dll
Virus:Trj/Downloader.PNC Disinfected C:\WINDOWS\system32\waverevenue.exe
Virus:Trj/Downloader.PNC Disinfected C:\WINDOWS\system32\win\w71.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\wvuspqr.dll
Adware:Adware/DigInk Not disinfected C:\WINDOWS\Temp\stdrun1.exe[g4356cbvy63.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\Temp\stdrun1.exe[uni_eh44.exe]
Adware:Adware/DigInk Not disinfected C:\WINDOWS\Temp\stdrun1.exe[uninst1014.exe]
Adware:Adware/NSISMedia Not disinfected C:\WINDOWS\Temp\stdrun1.exe[²îÇ\NSIS.Library.RegTool.v2.²áÇ.exe]
Adware:Adware/Zenosearch Not disinfected C:\WINDOWS\Temp\stdrun2.exe
Possible Virus. Not disinfected C:\WINDOWS\Temp\stdrun9.exe
Adware:Adware/TTC Not disinfected C:\WINDOWS\tk58.exe
Adware:Adware/TTC Not disinfected C:\WINDOWS\TTC-5555.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\uninst1014.exe