
Oh No Please Help Me


  • This topic is locked
9 replies to this topic

#1 misty1985

Posted 07 August 2007 - 06:51 PM

Hi,

Please bear with me while I try to explain all that's happening...

I got on my PC this morning, only to find I have this annoying box popping up telling me I'm infected with spyware. I'm telling you, this thing is so damn annoying. It's not the PC one; it comes up on the taskbar as a yellow triangle, whereas the PC one is a red shield? (Running Windows XP.)

OK, so I ran Spybot, and it found some stuff which I removed; however, it wouldn't remove one called DriveCleaner 2006.

So I assume, through reading something on here, that this is why I have this yellow triangle popping up on the taskbar. When I run my mouse over the red shield it shows as Windows Security Alert, whereas the yellow one comes up "your computer is infected" windows has detected spyware infection! then says "click here to download most up to date antispyware for you"

If you click that, it tries to take you to a web page where it says about downloading "win antispyware 2007". I DON'T THINK SO!!!

So anyway, I read on here about having to use HijackThis; however, when I run it (following instructions) it doesn't show any of the stuff that was meant to be in there to check and remove.

OK, so with that part said, my computer (since this morning) is also now saying I am not the administrator when I try to go into control (which I cannot find now!!!!). Also Ctrl+Alt+Del says it's been disabled by the administrator (which is me), and things like Start > All Programs > Accessories > System Tools > Security Center say I am not allowed to do it. There's only one thing set on here and that's me; I am the administrator. However, on one restart it did allow me into Control Panel, but it has since stopped again!!!!

Also (yes, I know this is getting long), when I google for help on things like removal and click the link, it drags me into different search engines instead of bringing up the page. I have to copy and paste the address underneath the thing I need into a new window for it to work.

Also, this has turned up on my desktop: %systemdrive%. At first it wouldn't allow me to move or delete it, as it said my computer was using it and so on. Since then it's allowing me to delete it, which I daren't do in case it's something needed.

Can anyone help me, please? I beg you!!!!

Thanks

Chez!



#2 oldf@rt

Posted 07 August 2007 - 07:02 PM

Try this:
  • Please download Rogue Remover Free from Malwarebytes.
  • Please save the file to your normal saved file location or the desktop.
  • Double-click on rr-free-setup to run the installation program.
  • Accept the license agreement.
  • Follow all the steps and click Finish to run the program.
  • Click the "Check for updates" link.
  • Click the Scan link to start scanning.
  • When done, follow the onscreen directions to remove anything that it found.
Let us know your results, please.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#3 misty1985

Posted 07 August 2007 - 07:05 PM

Thanks for the very, very quick reply, old. Will do this now, thanks.

#4 buddy215

Posted 07 August 2007 - 07:54 PM

Were you following the instructions found in the link below? Did you run the Vundofix tool? If not, I suggest you do that.
http://www.bleepingcomputer.com/forums/t/71782/how-to-remove-drivecleaner-2006-removal-instructions/
It is also a good idea to run two other scans to remove adware, etc. that Vundo drops on your computer.

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html


How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 misty1985

Posted 07 August 2007 - 08:48 PM

Hi,

Just a quick update: I haven't run anything else (it's 2:45am here), should be in bed, just wanted to leave an update before I download and run everything you two have said about. I looked into a file I have on my PC; it's called winavxxp.exe. Apparently this is a pest; not many people have got it, but it locks you out of everything (Control Panel, regedit and stuff), and that is also what the yellow triangle is caused by.

Can anyone tell me about this? I have searched Google but only come up with a few things.

Will be back in like 4-5 hrs and start doing everything.

Thanks

Chez

#6 oldf@rt

Posted 07 August 2007 - 10:18 PM

In order of the posts: Rogue Remover is to try and kill DriveCleaner so you won't have that annoying little blinking icon and popup. The Vundo trojan is what probably brought that into your computer. Superantispyware and BitDefender do a very nice job of killing Vundo and leftover nasties. Please make sure that you run a complete scan with Superantispyware. I would then recommend that you post the HijackThis log to make absolutely sure that you are as clean as you can get.

#7 misty1985

Posted 08 August 2007 - 05:25 AM

Ok this is what the rogue thing found


Malwarebytes' RogueRemover
Malwarebytes 2007 http://www.malwarebytes.org
5336 total fingerprints loaded.

Loading database ...
Expanding environmental variables ...

Scanning files ... [ 100% ].
Scanning folders ... [ 100% ].
Scanning registry keys ... [ 100% ].
Scanning registry values ... [ 100% ].

RogueRemover has detected rogue antispyware components! Results below...

Type: File
Vendor: WinAntiVirus 2006
Location: C:\WINDOWS\system32\drivers\FOPN.sys
Selected for removal: Yes

Type: File
Vendor: WinAntiSpyware 2007
Location: C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe
Selected for removal: Yes

Type: File
Vendor: WinAntiSpyware 2007
Location: C:\Program Files\Common Files\WinAntiSpyware 2007\err.log
Selected for removal: Yes

Type: File
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\Chez\Application Data\WinAntiSpyware 2007\Logs\update.log
Selected for removal: Yes

Type: File
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\Chez\Application Data\WinAntiSpyware 2007 Free\DownloadUWAS7.url
Selected for removal: Yes

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Program Files\Common Files\WinAntiSpyware 2007
Selected for removal: Yes

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\Chez\Application Data\WinAntiSpyware 2007
Selected for removal: Yes

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\Chez\Application Data\WinAntiSpyware 2007\Logs
Selected for removal: No

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007
Selected for removal: Yes

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data
Selected for removal: No

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
Selected for removal: No

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
Selected for removal: No

Type: Folder
Vendor: WinAntiSpyware 2007
Location: C:\Documents and Settings\Chez\Application Data\WinAntiSpyware 2007 Free
Selected for removal: Yes

Type: Registry Key
Vendor: WinAntiVirus 2006
Location: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FOPN
Selected for removal: Yes

Type: Registry Key
Vendor: WinAntiVirus 2006
Location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FOPN
Selected for removal: Yes

RogueRemover has found the objects above.

~~~~~~~~~~~~~

I restarted and so far that yellow triangle has gone, along with the message. So I will continue to do the other scans; is that OK?

Damn, I spoke too soon; that damn yellow triangle is back again.

#8 misty1985

Posted 08 August 2007 - 05:33 AM

OK, Vundo came back as it found no infected files...

#9 misty1985

Posted 08 August 2007 - 09:12 AM

Hi again,

OK, so I did all that was said. They kept finding that win 2007 and deleting it, and a few others too, but they're gone. Then I moved on to BitDefender, and this is all of what it found, although one called printer.exe (which apparently comes in with winavxx.exe) it couldn't delete. Here's the report on it:

(bitdefender)


Scanned File
Status

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Infected with: Generic.Qhost.60FEA05A

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192145.backup
Infected with: Generic.Qhost.16934822

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192145.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192145.backup
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192146.backup
Infected with: Generic.Qhost.8EE16C0F

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192146.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192146.backup
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192147.backup
Infected with: Generic.Qhost.129E3852

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192147.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192147.backup
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192148.backup
Infected with: Generic.Qhost.C7557F3F

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192148.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192148.backup
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192149.backup
Infected with: Generic.Qhost.918D858F

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192149.backup
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.20070807-192149.backup
Deleted

C:\WINDOWS\system32\winavxx.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\WINDOWS\system32\winavxx.exe
Disinfection failed

C:\WINDOWS\system32\winavxx.exe
Deleted

C:\WINDOWS\system32\printer.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\WINDOWS\system32\printer.exe
Disinfection failed

C:\WINDOWS\system32\printer.exe
Delete failed

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe
Disinfection failed

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe
Deleted

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\OL6J49YB\popup[1].htm
Infected with: Trojan.Clicker.CM

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\OL6J49YB\popup[1].htm
Disinfection failed

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\OL6J49YB\popup[1].htm
Deleted

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\KL81K3GR\WinAntiVirusPro2007FreeInstall[1].cab=>UWA7P_0001_N91M0809NetInstaller.exe
Infected with: Trojan.Downloader.Winfixer.O

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\KL81K3GR\WinAntiVirusPro2007FreeInstall[1].cab=>UWA7P_0001_N91M0809NetInstaller.exe
Disinfection failed

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\KL81K3GR\WinAntiVirusPro2007FreeInstall[1].cab=>UWA7P_0001_N91M0809NetInstaller.exe
Deleted

C:\Documents and Settings\Chez\Local Settings\Temporary Internet Files\Content.IE5\KL81K3GR\WinAntiVirusPro2007FreeInstall[1].cab
Update failed

C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Disinfection failed

C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Deleted

C:\Documents and Settings\Administrator.MISTY.000\Start Menu\Programs\Startup\system.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\Documents and Settings\Administrator.MISTY.000\Start Menu\Programs\Startup\system.exe
Disinfection failed

C:\Documents and Settings\Administrator.MISTY.000\Start Menu\Programs\Startup\system.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Infected with: Trojan.Fakealert.BX

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076711.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076711.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076711.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076712.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076712.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076712.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076713.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076713.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076713.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076975.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076975.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076975.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076976.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076976.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076976.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076977.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076977.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP355\A0076977.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076998.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076998.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076998.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076999.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076999.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0076999.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077996.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077996.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077996.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077997.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077997.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0077997.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078023.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078023.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078023.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078024.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078024.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP356\A0078024.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078049.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078049.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078049.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078050.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078050.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078050.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078051.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078051.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078051.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078053.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078053.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078053.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078057.exe
Infected with: Trojan.Fakealert.FB

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078057.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078057.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078061.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078061.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078061.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078062.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078062.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078062.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078063.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078063.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP357\A0078063.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078070.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078070.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078070.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078071.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078071.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078071.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078072.exe
Infected with: Trojan.Downloader.Winfixer.O

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078072.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078072.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078073.exe
Infected with: Trojan.Downloader.AQI

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078073.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078073.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078077.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078077.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078077.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078078.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078078.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078078.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078080.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078080.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078080.exe
Deleted

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078083.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078083.exe
Disinfection failed

C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP358\A0078083.exe
Deleted
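
A report pasted in this layout repeats every path once per action, so the files that were not actually removed are easy to miss. The script below is an added example, not part of the original posts and not a BitDefender tool: it collapses the path/status pairs into one row per file and lists what still needs attention. The excerpt is copied from the report above; the function names, location labels and the choice of "Deleted" as the only resolved status are assumptions of this example.

```python
import re

# Excerpt copied from the BitDefender report pasted above: each finding is a
# path line followed by a status line, repeated once per action attempted.
REPORT_EXCERPT = r"""
Scanned File
Status
C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Infected with: Generic.Qhost.60FEA05A
C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Disinfection failed
C:\WINDOWS\system32\drivers\etc\hosts.20070807-192144.backup
Deleted
C:\WINDOWS\system32\printer.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A
C:\WINDOWS\system32\printer.exe
Disinfection failed
C:\WINDOWS\system32\printer.exe
Delete failed
C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Infected with: Generic.Malware.SDYd!wsp.A951E53A
C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Disinfection failed
C:\Documents and Settings\Chez\Start Menu\Programs\Startup\system.exe
Deleted
C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Infected with: Trojan.Fakealert.BX
C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Disinfection failed
C:\System Volume Information\_restore{0820990D-C6B7-4B99-B989-996110092206}\RP354\A0076645.exe
Deleted
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")  # a drive-letter path starts a new record
RESOLVED = {"Deleted"}  # assumption: the only final status here meaning "file is gone"

def parse_report(text):
    """Collapse the repeated path/status pairs into {path: [statuses in order]}."""
    findings, current = {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        if PATH_RE.match(line):
            current = line
            findings.setdefault(current, [])
        elif current is not None:  # lines before the first path are the table header
            findings[current].append(line)
    return findings

def location(path):
    """Label where the file sits (labels are this example's own)."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "system-restore"   # copy held in a System Restore point
    if "\\start menu\\programs\\startup\\" in p:
        return "startup-folder"   # launched at every logon
    if "\\drivers\\etc\\hosts" in p:
        return "hosts-backup"
    return "other"

def triage(text):
    """One row per file: detection name, final status, location, resolved flag."""
    rows = []
    for path, statuses in parse_report(text).items():
        names = [s.split(":", 1)[1].strip()
                 for s in statuses if s.startswith("Infected with:")]
        final = statuses[-1] if statuses else "no status"
        rows.append({"path": path, "detection": names[0] if names else None,
                     "final": final, "location": location(path),
                     "resolved": final in RESOLVED})
    return rows

def unresolved(text):
    """Paths whose last recorded action did not remove the file."""
    return [r["path"] for r in triage(text) if not r["resolved"]]

if __name__ == "__main__":
    for row in triage(REPORT_EXCERPT):
        mark = "ok  " if row["resolved"] else "TODO"
        print(f'{mark} {row["location"]:<15} {row["final"]:<14} {row["path"]}')
```
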

#10 tg1911

Posted 08 August 2007 - 09:18 AM

misty1985,

I moved your HijackThis log to the appropriate forum.
Here is the link:
misty1985's HJT log

NOTE:
Please, DO NOT make another post in the HijackThis Logs and Analysis forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might think someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.

Also, don't make any changes to your system, as that could change the results of the posted log, making it more difficult to properly clean your system.

Since you now have a HJT log posted, I'm going to close this topic.

At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

If, after your log has been cleaned, you still need help, please PM a Moderator and we will re-open this topic.
If you have any questions, don't hesitate to send me a PM.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA
