Articles

Acer aspire 3680

Acer aspire 3680
April 1, 2008 at 01:06:26
Specs: XP, Intel celeron M processor

Hi i have alot of viruses on my computor. i dont know anything about computors so i have no idea on how to fix it. if anybody knows anything about these viruses or can tell be what they do to the computor i would be very greatfull. also if you know of anything that can help get rid of them that would be very appreciated!! thank you

worm/generic.AJW
worm.delf.ATB
java/byteVerify
VBS/small.A
trojan horse exploit.downloader
trojan horse small.2.Z
trojan horse downloader/generic4.IPL
trojan horse generic9.AHAI
trojan horse downloader.zlob.UVA
trojan horse generic2.FRK
trojan horse PSW.onlinegames.AHOL
trojan horse PSW.onlinegames.AHOO
trojan horse PSW.onlinegames.X
trojan horse PSW.onlinegames.Z
downloader.swizzor


as you can see there is alot. please help me...


See More: Acer aspire 3680

Report •


#1
April 1, 2008 at 02:08:49

Download the "HijackThis" Installer from this link:

http://www.trendsecure.com/portal/e...


1. Save " HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Post Hijackthis Log in your next reply.

*Do Safe Computing*


Report •

#2
April 1, 2008 at 03:58:18

hi thanks for your quick reply. i did the scan and this is the log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:48, on 2008-04-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\DOCUME~1\Karolcia\USTAWI~1\Temp\RtkBtMnt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Dane aplikacji\Long slow road itch\log bows.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [BOOB JUMP] C:\DOCUME~1\Karolcia\DANEAP~1\TRUSTJ~1\Vga Bias.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Przypomnij o aukcji - file://C:\Documents and Settings\Karolcia\Pulpit\Aukcjoner.net\reminder.htm
O8 - Extra context menu item: &Upoluj aukcję snajperem - file://C:\Documents and Settings\Karolcia\Pulpit\Aukcjoner.net\sniper.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sprawdź/&oceń sprzedającego - file://C:\Documents and Settings\Karolcia\Pulpit\Aukcjoner.net\feedback.htm
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/res...
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls...
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta...
O17 - HKLM\System\CCS\Services\Tcpip\..\{849F7776-331D-4CB7-9DAC-204BF4FE1F99}: NameServer = 82.139.8.7,82.139.8.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Usługa licencjonowania programu ABBYY FineReader 9.0 (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 15414 bytes


Report •

#3
April 1, 2008 at 04:34:04

How do you know that above viruses (which you stated above) are present onto your computer?

Please do an online scan with Kaspersky WebScanner.

online scanner: http://www.kaspersky.com/virusscanner


1.Click on "Kaspersky Online Scanner".
2.You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
3.The program will launch and then begin downloading the latest definition files.
4.Once the files have been downloaded click on "NEXT".
5.Now click on "Scan Settings".
6.In the scan settings make that the following are selected:
7.Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
8.Scan Options:
Scan Archives
Scan Mail Bases
9.Click OK.
10.Under select a target to scan, select "My Computer".
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Upon completion, click on the "Save as Text" button.
Save the file to your desktop.

Copy and paste that information in your next reply.

*Do Safe Computing*


Report •

Related Solutions

#4
April 1, 2008 at 05:45:29

i have the free AVG edition and if i look in the virus vault there is about 37 infections it is tellin me they are all the ones i listed above, but some of them are on several times.

Im currently doing the kaspersky onlin scan. it is still on the update progress from the internet. its doing it very slow. so i have to wait.
Assoon as it done i will do the rest that you told me and post the results.
Thanks


Report •

#5
April 1, 2008 at 07:51:52

i did the scan it says 11 viruses and 30 infections. here is the report:


---------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, April 01, 2008 4:48:55 PM
Operating System: Microsoft Windows XP Home Edition, Dodatek Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 1/04/2008
Kaspersky Anti-Virus database records: 675855
---------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 67180
Number of viruses found: 11
Number of infected objects: 30
Number of suspicious objects: 0
Duration of the scan process: 00:56:22

Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{C6BF520B-AD82-44BB-ADE0-41C7A2BB9A74}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_74c.dat Object is locked skipped
C:\WINDOWS\Temp\sqlite_J7OVYb4NKX93fgb Object is locked skipped
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_930.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\Documents and Settings\All Users\Dane aplikacji\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Dane aplikacji\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Dane aplikacji\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Karolcia\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\Perflib_Perfdata_af4.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF4DFD.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF4E37.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF6BA3.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF6BB3.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF22F6.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temp\~DF727A.tmp Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Historia\History.IE5\MSHist012008040120080402\index.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\FF6KMTGW\p_1071699309=0&[4].htm Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\V23Q33JD\p_1071699309=0&[4].htm Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\Acer Arcade\Log\Trace20080401.log Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\ApplicationHistory\ePresentation.exe.e70224e9.ini.inuse Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\ApplicationHistory\Acer.Empowering.Framework.Launcher.exe.7c55249b.ini.inuse Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Ustawienia lokalne\Dane aplikacji\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Karolcia\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-7d8e6c39-22dbc5d5.zip/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-7d8e6c39-22dbc5d5.zip/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-7d8e6c39-22dbc5d5.zip/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-7d8e6c39-22dbc5d5.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\index2.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chat1024.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\user1024.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chatmsg1024.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chatmsg512.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\dyncontent\bundle.dat Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\call256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\callmember256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\user4096.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chatmember256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\profile16384.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\user16384.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\user256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chatmsg256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\chat512.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\transfer256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\transfer512.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Skype\karolina12061\voicemail256.dbb Object is locked skipped
C:\Documents and Settings\Karolcia\Dane aplikacji\Trust jugs\yhekwklq.exe Object is locked skipped
C:\Documents and Settings\Karolcia\ntuser.dat Object is locked skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\asmps.dll.bac_a03916 Infected: not-a-virus:AdWare.Win32.Altnet.t skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\asm.exe.bac_a03916 Infected: not-a-virus:AdWare.Win32.Altnet.l skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\A0075407.inf.bac_a03916 Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\A0075434.INF.bac_a03916 Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\A0075409.inf.bac_a03916 Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\A0075436.inf.bac_a03916 Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\A0075423.dll.bac_a03916 Infected: Packed.Win32.PolyCrypt.h skipped
C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine\Setup.exe.bac_a03916 Infected: not-a-virus:AdWare.Win32.Agent.zk skipped
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped
C:\Program Files\BearShare\db\library.db Object is locked skipped
C:\Program Files\BearShare\db\library.2.db Object is locked skipped
C:\Program Files\Altnet\Download Manager\admdloader.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3039 skipped
C:\Program Files\Altnet\Download Manager\admfdi.dll Infected: not-a-virus:AdWare.Win32.Altnet.j skipped
C:\Program Files\Altnet\Download Manager\adm25.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Altnet\Download Manager\adm4005.exe Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Altnet\Download Manager\adm4.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Altnet\Download Manager\admprog.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe Infected: not-a-virus:AdWare.Win32.Altnet.g skipped
C:\Program Files\INSTAFINK\instafink.dll Infected: not-a-virus:AdWare.Win32.404Search.l skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP451\A0077597.dll Infected: not-a-virus:AdWare.Win32.Altnet.t skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP451\A0077600.exe Infected: not-a-virus:AdWare.Win32.Altnet.l skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080137.dll Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080138.dll Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080141.inf Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\change.log Object is locked skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080214.exe Object is locked skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080215.exe Object is locked skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080216.exe Object is locked skipped
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080221.exe Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\amvo0.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\amvo1.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\QooBox\Quarantine\C\autorun.inf.vir Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
C:\QooBox\Quarantine\D\autorun.inf.vir Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped
D:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080142.inf Infected: Trojan-PSW.Win32.OnLineGames.uyx skipped

Scan process completed.


Report •

#6
April 1, 2008 at 09:14:51

Now its time to delete infected files and folders from your system.

Delete all files in this folder:

C:\Documents and Settings\Karolcia\Dane aplikacji\Sun\Java\Deployment\cache\javapi\v1.0\jar

you can see here how to delete java cache: http://www.java.com/en/download/hel...

Delete all files in this Quarantine folder:

C:\Documents and Settings\Karolcia\.housecall6.6\Quarantine

Delete following files (not folder):

C:\Program Files\Altnet\Download Manager\admfdi.dll
C:\Program Files\Altnet\Download Manager\adm25.dll
C:\Program Files\Altnet\Download Manager\adm4005.exe
C:\Program Files\Altnet\Download Manager\adm4.dll
C:\Program Files\Altnet\Download Manager\admprog.dll
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe


Delete following files and folder:
C:\Program Files\INSTAFINK
C:\Program Files\INSTAFINK\instafink.dll

Delete this folder:
C:\QooBox

Delete following files:
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP451\A0077597.dll
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP451\A0077600.exe
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080137.dll
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080138.dll
C:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080141.inf
D:\System Volume Information\_restore{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080142.inf


if you fail to delete any above file or folder, then try to delete it into safe mode.

Let me know....

*Do Safe Computing*


Report •

#7
April 1, 2008 at 09:16:08

Your java is out of date and can be exploited.

Download the latest version of java from this link: http://java.sun.com/javase/download...
Click on the JDK 6 Update 5 download button.
Check the box that says: "Accept License Agreement". The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. It should have the "coffee cup" icon next to it.
Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed
Then double-click on jdk-6u5-windows-i586-p.exe from your desktop to install the newest version.

*Do Safe Computing*


Report •

#8
April 1, 2008 at 10:18:57

I have deleted the files and folders exactly the way you told me.

I also removed the older version of java and updated it with the newer version you said.

What do i do now?
or is that everything?


Report •

#9
April 1, 2008 at 23:57:54

Thats good! nice work..!

Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)

Download: http://www.atribune.org/ccount/clic...

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.


Download and scan with SUPERAntiSpyware free for home users.

http://www.superantispyware.com/dow...

Double-click SUPERAntiSpyware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates".
Under "Configuration and Preferences", click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen.
Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
On the left, make sure you check C:\Fixed Drive.
On the right, under "Complete Scan", choose Perform Complete Scan.
Click "Next" to start the scan. Please be patient while it scans your computer.
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
Make sure everything has a checkmark next to it and click "Next".
A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
If asked if you want to reboot, click "Yes".

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

*Do Safe Computing*


Report •

#10
April 2, 2008 at 03:39:56

I did the scan and here is the log:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/02/2008 at 12:30 PM

Application Version : 4.0.1154

Core Rules Database Version : 3429
Trace Rules Database Version: 1421

Scan type : Complete Scan
Total Scan Time : 00:41:05

Memory items scanned : 644
Memory threats detected : 1
Registry items scanned : 6078
Registry threats detected : 1
File items scanned : 66842
File threats detected : 3

BearShare File Sharing Client
C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE
C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE
[BearShare] C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE

Adware.Tracking Cookie
C:\Documents and Settings\Karolcia\Cookies\karolcia@2o7[2].txt

Adware.PointsManager-Uninstaller
C:\SYSTEM VOLUME INFORMATION\_RESTORE{4708418C-76D3-4A3F-B261-DDDF0260229B}\RP462\A0080251.EXE


Report •

#11
April 2, 2008 at 03:53:34

Thats fine!! how things are running now??

Now you can do your routine work.!!

*Do Safe Computing*


Report •

#12
April 2, 2008 at 03:57:20

Make your Internet Explorer More Secure:

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

FEW THINGS TO DO FOR YOUR FURTHER PC PROTECTION.


In order to protect yourself against spyware, you should consider installing and running the following free programs:


How to prevent further spyware/virus infection:
read here:
http://spywaredetail.com/steps.htm
http://spywaredetail.com/tips.htm


Visit Microsoft's Windows Update Site Frequently:
It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Install Ad-Aware 2007:
Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

Install Spybot Search and Destroy:
Install and download Spybot - Search and Destroy with its TeaTimer option.
This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software.

Install SpywareBlaster:
SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.


Install SpywareGuard:
SpywareGuard provides a real-time protection solution against spyware.


Install IE/Spyad:
It places over 5000 malicious websites and domains in your IE's restricted zone.


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.


NOTE:Please take these recommendations seriously! These few simple steps can stave off the vast majority of spyware problems.

*Do Safe Computing*


Report •

#13
April 2, 2008 at 13:57:12

hi

thank you very much for everything,
did an extra scan and no threats found...

much appreciated!!!!!!


Report •

#14
April 2, 2008 at 21:17:58

Glad to Help you!

*Do Safe Computing*


Report •


Ask Question