Tech Support Forum - View Single Post

tristan_m43 · 06-29-2007, 03:24 PM

Here is the bitdefender log. I changed the ActiveX options in IE and I can run the Kaspersky too and post the log in another post.

It looks like I have lots of other bad stuff on my computer.

Thanks for your continued support.
"Statistics
Time
00:50:08
Files
239043
Folders
8426
Boot Sectors
3
Archives
5639
Packed Files
10278
Results
Identified Viruses
25
Infected Files
64
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
607600
Engine build
AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Report
Second Action
None
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Counter.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Matrix.class
Infected with: Java.Trojan.Downloader.OpenStream.C
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Parser.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Counter.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Matrix.class
Infected with: Java.Trojan.Downloader.OpenStream.C
C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Parser.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\haley\Local Settings\Temp\ekwgeqfm.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\ksrcwwfu.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0005=>(NSIS o)=>zlib_nsis0001
Infected with: Trojan.PurityScan.DL
C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0005=>(NSIS o)=>zlib_nsis0003
Infected with: Trojan.PurityScan.DL
C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0008
Infected with: Trojan.PurityScan.DL
C:\Documents and Settings\haley\Local Settings\Temp\pdxakpdb.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\pkgycuht.exe
Infected with: Trojan.Clicker.Agent.NP
C:\Documents and Settings\haley\Local Settings\Temp\txxnvito.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\umvoryfv.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\vorajwdj.exe
Infected with: Trojan.LowZones.SA
C:\Documents and Settings\haley\Local Settings\Temp\wfewpnxa.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\wfihlexk.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\wigqhrix.exe
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\haley\Local Settings\Temp\wr-1-2000219.exe
Infected with: Trojan.Downloader.JISG
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-142313-578.dll
Infected with: Generic.AFCore.31537E6A
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-143617-315.dll
Infected with: Generic.AFCore.31537E6A
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-163250-136.dll
Infected with: Generic.AFCore.31537E6A
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-165213-158.dll
Infected with: Generic.AFCore.31537E6A
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-101.dll
Infected with: Trojan.Downloader.Adload.NCJ
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-748.dll
Infected with: Trojan.Agent.AOM
C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-763.dll
Infected with: Trojan.PurityScan.DL
C:\Program Files\ComPlus Applications\hoke83122.dll
Infected with: Trojan.Downloader.Adload.NCJ
C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir=>(NSIS o)=>lzma_solid_nsis0002
Infected with: Trojan.Popwin.BK
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\myoqonit.exe.vir
Infected with: Trojan.Fotomoto.A
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vtrqajon.exe.vir
Infected with: Trojan.Fotomoto.A
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1099\A0127928.dll
Infected with: Trojan.PurityScan.DL
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1099\A0127929.dll
Infected with: Trojan.Agent.AOM
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0127945.exe
Infected with: Trojan.Popwin.BK
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0127946.exe
Infected with: Trojan.Popwin.BK
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128004.exe
Infected with: Trojan.Fakealert.BX
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128033.exe
Infected with: Trojan.Downloader.Zlob.BQW
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128036.exe
Infected with: Trojan.Zlob.AVP
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128037.exe
Infected with: Trojan.Click.JX
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128038.exe
Infected with: Trojan.Downloader.Agent.AMG
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128040.exe
Infected with: Trojan.Downloader.Agent.YFI
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128041.exe
Infected with: Trojan.Downloader.Agent.YFI
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128043.exe
Infected with: Trojan.Downloader.Zlob.BQW
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128047.exe
Infected with: Trojan.Downloader.JISG
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128048.exe
Infected with: Dropped:Trojan.Downloader.Adload.NCJ
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128049.exe
Infected with: MemScan:Trojan.Zlob.AVP
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128143.exe
Infected with: MemScan:Trojan.Agent.AOM
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128146.exe
Infected with: Trojan.PurityScan.DL
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128160.sys
Infected with: Rootkit.Agent.EV
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128166.exe
Infected with: Trojan.PurityScan.DL
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128167.exe
Infected with: Trojan.Popwin.BK
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0129179.exe
Infected with: Trojan.Clicker.Agent.NP
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1103\A0129275.exe
Infected with: Trojan.Fotomoto.A
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129369.exe
Infected with: Trojan.Fotomoto.A
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129370.exe=>(NSIS o)=>lzma_solid_nsis0002
Infected with: Trojan.Popwin.BK
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129384.exe
Infected with: Trojan.Fotomoto.A
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129388.exe
Infected with: Trojan.Fotomoto.A
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129391.exe
Infected with: Trojan.LowZones.SA
C:\WINDOWS\browserxtras\pn\remove.exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Downloader.Keenval.F
C:\WINDOWS\notepad.exe.tmp
Infected with: Trojan.Dropper.Small.HY
C:\WINDOWS\SYSTEM32\IPXMONPR.dll
Infected with: Generic.AFCore.02AB5C57
C:\WINDOWS\winmain.exe
Infected with: Trojan.Downloader.Agent.ZD"

06-29-2007, 03:24 PM	#8 (permalink)
tristan_m43 Registered User Join Date: Jun 2007 Location: KC Posts: 13 OS: xp	Re: cannot remove pmnooli.dll, vundo file Here is the bitdefender log. I changed the ActiveX options in IE and I can run the Kaspersky too and post the log in another post. It looks like I have lots of other bad stuff on my computer. Thanks for your continued support. "Statistics Time 00:50:08 Files 239043 Folders 8426 Boot Sectors 3 Archives 5639 Packed Files 10278 Results Identified Viruses 25 Infected Files 64 Suspect Files 0 Warnings 0 Disinfected 0 Deleted Files 0 Engines Info Virus Definitions 607600 Engine build AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27) Scan plugins 14 Archive plugins 38 Unpack plugins 6 E-mail plugins 6 System plugins 1 Scan Settings First Action Report Second Action None Heuristics Yes Enable Warnings Yes Scanned Extensions ; Exclude Extensions Scan Emails Yes Scan Archives Yes Scan Packed Yes Scan Files Yes Scan Boot Yes Scanned File Status C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Dummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Matrix.class Infected with: Java.Trojan.Downloader.OpenStream.C C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv55.jar-13af7ed2-422418f7.zip=>Parser.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Dummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Matrix.class Infected with: Java.Trojan.Downloader.OpenStream.C C:\Documents and Settings\haley\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loadertraff.jar-428149e2-628101e6.zip=>Parser.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\haley\Local Settings\Temp\ekwgeqfm.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\ksrcwwfu.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0005=>(NSIS o)=>zlib_nsis0001 Infected with: Trojan.PurityScan.DL C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0005=>(NSIS o)=>zlib_nsis0003 Infected with: Trojan.PurityScan.DL C:\Documents and Settings\haley\Local Settings\Temp\Outerinfo-1281.exe=>(NSIS o)=>zlib_nsis0008 Infected with: Trojan.PurityScan.DL C:\Documents and Settings\haley\Local Settings\Temp\pdxakpdb.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\pkgycuht.exe Infected with: Trojan.Clicker.Agent.NP C:\Documents and Settings\haley\Local Settings\Temp\txxnvito.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\umvoryfv.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\vorajwdj.exe Infected with: Trojan.LowZones.SA C:\Documents and Settings\haley\Local Settings\Temp\wfewpnxa.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\wfihlexk.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\wigqhrix.exe Infected with: Trojan.Fotomoto.A C:\Documents and Settings\haley\Local Settings\Temp\wr-1-2000219.exe Infected with: Trojan.Downloader.JISG C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-142313-578.dll Infected with: Generic.AFCore.31537E6A C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-143617-315.dll Infected with: Generic.AFCore.31537E6A C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-163250-136.dll Infected with: Generic.AFCore.31537E6A C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20050311-165213-158.dll Infected with: Generic.AFCore.31537E6A C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-101.dll Infected with: Trojan.Downloader.Adload.NCJ C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-748.dll Infected with: Trojan.Agent.AOM C:\Documents and Settings\zane\My Documents\temp\hijackthis\backups\backup-20070622-113933-763.dll Infected with: Trojan.PurityScan.DL C:\Program Files\ComPlus Applications\hoke83122.dll Infected with: Trojan.Downloader.Adload.NCJ C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir=>(NSIS o)=>lzma_solid_nsis0002 Infected with: Trojan.Popwin.BK C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\myoqonit.exe.vir Infected with: Trojan.Fotomoto.A C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vtrqajon.exe.vir Infected with: Trojan.Fotomoto.A C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1099\A0127928.dll Infected with: Trojan.PurityScan.DL C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1099\A0127929.dll Infected with: Trojan.Agent.AOM C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0127945.exe Infected with: Trojan.Popwin.BK C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0127946.exe Infected with: Trojan.Popwin.BK C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128004.exe Infected with: Trojan.Fakealert.BX C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128033.exe Infected with: Trojan.Downloader.Zlob.BQW C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128036.exe Infected with: Trojan.Zlob.AVP C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128037.exe Infected with: Trojan.Click.JX C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128038.exe Infected with: Trojan.Downloader.Agent.AMG C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128040.exe Infected with: Trojan.Downloader.Agent.YFI C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128041.exe Infected with: Trojan.Downloader.Agent.YFI C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128043.exe Infected with: Trojan.Downloader.Zlob.BQW C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128047.exe Infected with: Trojan.Downloader.JISG C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128048.exe Infected with: Dropped:Trojan.Downloader.Adload.NCJ C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128049.exe Infected with: MemScan:Trojan.Zlob.AVP C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128143.exe Infected with: MemScan:Trojan.Agent.AOM C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128146.exe Infected with: Trojan.PurityScan.DL C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128160.sys Infected with: Rootkit.Agent.EV C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128166.exe Infected with: Trojan.PurityScan.DL C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0128167.exe Infected with: Trojan.Popwin.BK C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1100\A0129179.exe Infected with: Trojan.Clicker.Agent.NP C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1103\A0129275.exe Infected with: Trojan.Fotomoto.A C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129369.exe Infected with: Trojan.Fotomoto.A C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129370.exe=>(NSIS o)=>lzma_solid_nsis0002 Infected with: Trojan.Popwin.BK C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129384.exe Infected with: Trojan.Fotomoto.A C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129388.exe Infected with: Trojan.Fotomoto.A C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1104\A0129391.exe Infected with: Trojan.LowZones.SA C:\WINDOWS\browserxtras\pn\remove.exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>zlib_nsis0002 Infected with: Trojan.Downloader.Keenval.F C:\WINDOWS\notepad.exe.tmp Infected with: Trojan.Dropper.Small.HY C:\WINDOWS\SYSTEM32\IPXMONPR.dll Infected with: Generic.AFCore.02AB5C57 C:\WINDOWS\winmain.exe Infected with: Trojan.Downloader.Agent.ZD" Last edited by sUBs; 06-29-2007 at 03:50 PM.*