Tech Support Forum - View Single Post

jasont · 06-17-2009, 02:50 PM

ATF Cleaner run successfully.

Panda ActiveScan completed and log below.

With regard to question on how things are running I have avoided using Laptop whilst you are helping me. Would you rather I use as normal? When I have been using to complete tasks requested by you I didn't receive any errors or AVG warnings last night but encountered one earlier this evening. However, not as frequent as before when it was happening every 5 minutes.

Continuing thanks,
Jase

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-06-17 21:34:23
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 8.5 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00040538 adware/zango Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}
00040538 adware/zango Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{99410cde-6f16-42ce-9d49-3807f78f0287}
00447834 Adware/Lop Adware No 0 Yes No C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A7535D2.EXE
00447834 Adware/Lop Adware No 0 Yes No C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A6463E4.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000534.SYS
03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP5\A0001633.EXE
03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000375.EXE
03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP5\A0001632.EXE
04199562 Generic Trojan Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000446.EXE
05140035 Adware/WebSearch Adware No 0 Yes No C:\Program Files\Orange\SETUP\Orange_icons.EXE
;===================================================================================================================================================================================
SUSPECTS
Sent Location �K
;===================================================================================================================================================================================
No C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\Content.IE5\HXW88A5A\╨***vk#
No C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\Content.IE5\HXW88A5A\╨***vk#
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description �K
;===================================================================================================================================================================================
;===================================================================================================================================================================================

06-17-2009, 02:50 PM	#6 (permalink)
jasont Registered User Join Date: Jun 2009 Posts: 6 OS: xp home edition ver2002 service pack 3	Re: can't get rid of trojan horse downloader ATF Cleaner run successfully. Panda ActiveScan completed and log below. With regard to question on how things are running I have avoided using Laptop whilst you are helping me. Would you rather I use as normal? When I have been using to complete tasks requested by you I didn't receive any errors or AVG warnings last night but encountered one earlier this evening. However, not as frequent as before when it was happening every 5 minutes. Continuing thanks, Jase ;********************************************************************************************************************************************************************************* ANALYSIS: 2009-06-17 21:34:23 PROTECTIONS: 1 MALWARE: 6 SUSPECTS: 2 ;******************************************************************************************************************************************************************************* PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== AVG Anti-Virus Free 8.5 No Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00040538 adware/zango Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} 00040538 adware/zango Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{99410cde-6f16-42ce-9d49-3807f78f0287} 00447834 Adware/Lop Adware No 0 Yes No C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A7535D2.EXE 00447834 Adware/Lop Adware No 0 Yes No C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A6463E4.EXE 02885963 Rootkit/Booto.C Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000534.SYS 03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP5\A0001633.EXE 03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000375.EXE 03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP5\A0001632.EXE 04199562 Generic Trojan Virus/Trojan No 0 Yes Yes C:\System Volume Information\_restore{9B7BB700-9269-4E60-AD1A-F3FF79A0262A}\RP4\A0000446.EXE 05140035 Adware/WebSearch Adware No 0 Yes No C:\Program Files\Orange\SETUP\Orange_icons.EXE ;=================================================================================================================================================================================== SUSPECTS Sent Location �K ;=================================================================================================================================================================================== No C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\Content.IE5\HXW88A5A\╨vk# No C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\Content.IE5\HXW88A5A\╨**vk# ;=================================================================================================================================================================================== VULNERABILITIES Id Severity Description �K ;=================================================================================================================================================================================== ;===================================================================================================================================================================================