Status
Not open for further replies.
1 - 6 of 6 Posts

·
Registered
Joined
·
89 Posts
Discussion Starter #1
Please can I have a check on my log

Logfile of HijackThis v1.99.1
Scan saved at 11:38:07, on 10/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Neuston Media Centre\app\Neuston-server.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\spnpinst.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Back up programes\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [UpgConfVer] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\UpgConf.exe" /v:9.02.01
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Azureus.lnk = C:\Program Files\Azureus\Azureus.exe
O4 - Global Startup: Neuston Media Centre.lnk = C:\Program Files\Neuston Media Centre\app\Neuston-server.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to WebSite-Watcher - E:\Back up programes\website-watcher.4.01.read.nfo.loader-tsrh\.EXE+Loader\wswie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5ED4533E-B058-4018-9D33-931E3A038BF3}: NameServer = 62.241.163.200 158.43.240.4
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
 

·
Registered
Joined
·
6,574 Posts
Do you have any specific problems?

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).
  • Save it to your desktop.
  • Double-click the new icon on your desktop (tmas-web-scan.exe)
  • It will say "Loading TrendMicro definitions".
  • Once the definitions are loaded, the program will appear to close then re-open.
  • Click "Start Scan"
  • After it's done scanning, click "Scan Results"
  • Make sure all items found have a check next to them, then click "Clean Threats Now".
  • Click Exit.
Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log". Please double-click that log, copy the entire contents and paste them in your next post.

Perform an online scan in Internet Explorer with Panda ActiveScan

  1. Click on the Scan your PC button & a pop-up window shall appear.
    * Ensure that your pop-up blocker doesn't block it.
  2. Click on 'Scan Now'
  3. Enter your e-mail address & click 'Scan Now' ... begins downloading Panda's ActiveX controls - 8MB
  4. Begin the scan by selecting My Computer
    * You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
  5. If it finds any malware, it will offer you a report. Click on see report
  6. Then click Save report
  7. Post the contents of the report in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan
 

·
Registered
Joined
·
89 Posts
Discussion Starter #3
Done

I've been experiencing the blue screen of death every now and then (once or twice a week). I also get an error every couple of days where Microsoft closes webproxy.exe.

I've run both, but I only got a report from the anti-spyware, not Panda, even though I ran it twice.
 

·
Registered
Joined
·
6,574 Posts
May we see the TMAS Antispyware.log?

If Panda is playing up, you can use an alternative online scanner. Kaspersky, Trend Micro - whichever you prefer, but I do need to see a Virus Log. If you can't get one, I (or another analyst) will issue tools in order to obtain one. (Ewido or Mwav)
 

·
Registered
Joined
·
89 Posts
Discussion Starter #5
Results as required

OK, I'm sorted. Here are my logs.


Started Scanning
Internet Cookies
Found 'atdmt.com' in 'Internet Explorer Cache'
Found 'dist.belnk.com' in 'Internet Explorer Cache'
Found 'belnk.com' in 'Internet Explorer Cache'
Found 'ad.yieldmanager.com' in 'Internet Explorer Cache'
Programs in Memory
Windows Registry
Found '' in 'SOFTWARE\Magnet'
Found '' in 'SOFTWARE\Magnet\Handlers\Kazaa'
Found '' in 'SOFTWARE\Magnet\Handlers\Kazaa\Type'
Found 'DdeApplication' in 'SOFTWARE\Magnet\Handlers\Kazaa'
Found 'DdeTopic' in 'SOFTWARE\Magnet\Handlers\Kazaa'
Found 'Description' in 'SOFTWARE\Magnet\Handlers\Kazaa'
Found 'kt' in 'SOFTWARE\Magnet\Handlers\Kazaa'
Found 'http' in 'SOFTWARE\Magnet\Handlers\Kazaa\Type'
Found 'urn:kzhash' in 'SOFTWARE\Magnet\Handlers\Kazaa\Type'
Found 'urn:topsearch' in 'SOFTWARE\Magnet\Handlers\Kazaa\Type'
Internet URL Shortcuts
Files and Directories
Found 'np.tmp' in 'C:\Documents and Settings\Administrator\Application Data\Kazaa Lite\db'
Found 'backup-20050519-163901-724.dll' in 'E:\Back up programes\hijackthis\backups'
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Checking for 'C:\Documents and Settings\Administrator\Application Data\Kazaa Lite\db\np.tmp' in shortcut areas.
Checking for 'C:\Documents and Settings\Administrator\Application Data\Kazaa Lite\db\np.tmp' in startup areas.
Cleaning 'C:\Documents and Settings\Administrator\Application Data\Kazaa Lite\db\np.tmp'
Checking for 'E:\Back up programes\hijackthis\backups\backup-20050519-163901-724.dll' in shortcut areas.
Checking for 'E:\Back up programes\hijackthis\backups\backup-20050519-163901-724.dll' in startup areas.
Cleaning 'E:\Back up programes\hijackthis\backups\backup-20050519-163901-724.dll'
Finished Cleaning



-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, September 13, 2005 19:46:08
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 13/09/2005
Kaspersky Anti-Virus database records: 140155
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\

Scan Statistics:
Total number of scanned objects: 52323
Number of viruses found: 12
Number of infected objects: 60
Number of suspicious objects: 0
Duration of the scan process: 6909 sec

Infected Object Name - Virus Name
C:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP34\A0009828.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.kc
C:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP34\A0009828.exe/data0005 Infected: Trojan-Downloader.Win32.IstBar.kc
C:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP34\A0009828.exe Infected: Trojan-Downloader.Win32.IstBar.kc
C:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP34\A0009842.exe Infected: HackTool.Win32.Fumn
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045439.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045441.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045446.exe Infected: Trojan-Dropper.Win32.Small.j
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045460.exe Infected: Trojan-Dropper.Win32.Small.j
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045461.exe Infected: Trojan-Dropper.Win32.Small.j
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045462.exe Infected: Trojan-Dropper.Win32.Small.j
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046128.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046129.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046138.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046139.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046140.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046145.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046146.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046150.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046151.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046153.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046154.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046155.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP137\A0046156.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024663.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024664.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024665.exe Infected: Backdoor.Win32.Lithium.b
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024666.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024670.dll Infected: Backdoor.Win32.Lithium.102
D:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP70\A0024671.dll Infected: Backdoor.Win32.Lithium.102
E:\Back up programes\dope-1.5.9d.exe/stream/data0006/data0003 Infected: Trojan-Clicker.Win32.VB.dn
E:\Back up programes\dope-1.5.9d.exe/stream/data0006/data0004 Infected: Trojan.Win32.VB.sy
E:\Back up programes\dope-1.5.9d.exe/stream/data0006 Infected: Trojan.Win32.VB.sy
E:\Back up programes\dope-1.5.9d.exe/stream/data0007 Infected: Trojan.Win32.VB.qv
E:\Back up programes\dope-1.5.9d.exe/stream Infected: Trojan.Win32.VB.qv
E:\Back up programes\dope-1.5.9d.exe Infected: Trojan.Win32.VB.qv
E:\Back up programes\turbo-torrent-1.0.7.doc/stream/data0005/data0002 Infected: Trojan.Win32.VB.wh
E:\Back up programes\turbo-torrent-1.0.7.doc/stream/data0005/data0004 Infected: Trojan.Win32.VB.wh
E:\Back up programes\turbo-torrent-1.0.7.doc/stream/data0005 Infected: Trojan.Win32.VB.wh
E:\Back up programes\turbo-torrent-1.0.7.doc/stream/data0006 Infected: Trojan.Win32.VB.aci
E:\Back up programes\turbo-torrent-1.0.7.doc/stream Infected: Trojan.Win32.VB.aci
E:\Back up programes\turbo-torrent-1.0.7.doc Infected: Trojan.Win32.VB.aci
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream/data0006/data0003 Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream/data0006/data0004 Infected: Trojan.Win32.VB.sy
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream/data0006/data0005 Infected: Trojan-Downloader.Win32.Lookme.g
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Lookme.g
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream/data0007 Infected: Trojan.Win32.VB.qv
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe/stream Infected: Trojan.Win32.VB.qv
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028641.exe Infected: Trojan.Win32.VB.qv
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe/stream/data0006/data0002 Infected: Trojan-Clicker.Win32.VB.gc
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe/stream/data0006/data0004 Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe/stream/data0006/data0005 Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe/stream/data0006 Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe/stream Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{1918C743-BC33-4809-A197-141A834CCD3A}\RP41\A0028642.exe Infected: Trojan-Clicker.Win32.VB.dn
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe/stream/data0005/data0002 Infected: Trojan.Win32.VB.wh
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe/stream/data0005/data0004 Infected: Trojan.Win32.VB.wh
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe/stream/data0005 Infected: Trojan.Win32.VB.wh
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe/stream/data0006 Infected: Trojan.Win32.VB.aci
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe/stream Infected: Trojan.Win32.VB.aci
E:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP153\A0058258.exe Infected: Trojan.Win32.VB.aci

Scan process completed.
 

·
Registered
Joined
·
6,574 Posts
Both these programs seem infected:

E:\Back up programes\dope-1.5.9d.exe Infected: Trojan.Win32.VB.qv
E:\Back up programes\turbo-torrent-1.0.7.doc


I have no idea what dope-1.5.9d.exe is, but there are alternative, clean, torrent clients.

Consider deleting:

E:\Back up programes\dope-1.5.9d.exe
E:\Back up programes\turbo-torrent-1.0.7.doc


Create a new System Restore point
  • click Start >> Run - type SYSDM.CPL & press Enter
  • select the System Restore Tab
  • tick on the checkbox - "Turn off System Restore on all drives"
  • click Apply
  • then untick the same checkbox & click OK

Reboot your computer.

Re-run HJT and the Kaspersky scanner and bring back the results. Kaspersky should now be clean. Can you report on any problems?
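
The Kaspersky report in this thread mixes detections inside System Restore snapshots (`System Volume Information\_restore{...}`) with detections in files that are still reachable on disk, and it lists every nested sub-object of an installer on its own line. The following is an added example, not part of the original thread or of any tool named in it: a small triage script that collapses sub-objects to their container file and separates the two groups. The function names are hypothetical, and the sample lines are a few copied from the report above.

```python
import re
from collections import defaultdict

# A few lines copied from the Kaspersky report posted in this thread (not the full report).
SAMPLE_REPORT = r"""
Infected Object Name - Virus Name
C:\System Volume Information\_restore{B9D9397F-08FB-451A-81A3-BE48006B8BF5}\RP34\A0009842.exe Infected: HackTool.Win32.Fumn
D:\System Volume Information\_restore{79C7E433-69F6-4E68-83E8-4D44CB565301}\RP132\A0045441.dll Infected: Backdoor.Win32.Lithium.102
E:\Back up programes\dope-1.5.9d.exe/stream/data0006/data0003 Infected: Trojan-Clicker.Win32.VB.dn
E:\Back up programes\dope-1.5.9d.exe/stream Infected: Trojan.Win32.VB.qv
E:\Back up programes\dope-1.5.9d.exe Infected: Trojan.Win32.VB.qv
E:\Back up programes\turbo-torrent-1.0.7.doc/stream/data0005 Infected: Trojan.Win32.VB.wh
E:\Back up programes\turbo-torrent-1.0.7.doc Infected: Trojan.Win32.VB.aci
Scan process completed.
"""

# "<object path> Infected: <detection name>"; paths may contain spaces.
LINE_RE = re.compile(r"^(?P<obj>[A-Za-z]:\\.+?) Infected: (?P<name>\S+)$")
# Windows XP keeps System Restore snapshots under this per-volume folder.
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\", re.IGNORECASE
)


def parse_report(text):
    """Return (container_file, detection_name) pairs from report lines."""
    findings = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # headers, statistics, blank lines
        # Sub-objects are written as file.exe/stream/data0006; '/' cannot occur
        # in a Windows file name, so everything before it is the file on disk.
        container = match.group("obj").split("/", 1)[0]
        findings.append((container, match.group("name")))
    return findings


def triage(text):
    """Split findings into live files and System Restore snapshot copies."""
    live, restore = defaultdict(set), defaultdict(set)
    for container, name in parse_report(text):
        bucket = restore if RESTORE_RE.search(container) else live
        bucket[container].add(name)
    return dict(live), dict(restore)


if __name__ == "__main__":
    live, restore = triage(SAMPLE_REPORT)
    print("Live files to review:")
    for path, names in sorted(live.items()):
        print(f"  {path}: {', '.join(sorted(names))}")
    print(f"Snapshot copies under System Restore: {len(restore)}")
```
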
 