Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Aurora+other problems


  • Please log in to reply
1 reply to this topic

#1 kiloday

kiloday

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 26 May 2005 - 03:05 PM

This is what a panda scan revealed on my pc...i have a damn aurora problem...what should i do?

Incident Status Location

Virus:Trj/Downloader.ANX Disinfected Operating system
Adware:Adware/Apropos No disinfected C:\WINDOWS\System32\hlpkmgr.exe
Adware:Adware/eZula No disinfected Windows Registry
Adware:Adware/PortalScan No disinfected C:\WINDOWS\System32\winupdt.008
Spyware:Spyware/ShopNav No disinfected Windows Registry
Adware:Adware/BookedSpace No disinfected C:\DOCUME~1\ASHWIN~1\LOCALS~1\Temp\bs*.tmpbsx32
Adware:Adware/Apropos No disinfected C:\Program Files\AutoUpdate
Adware:Adware/WinTools No disinfected Windows Registry
Adware:Adware/Fizzle No disinfected C:\Program Files\FwBarTemp
Adware:Adware/EliteBar No disinfected Windows Registry
Adware:Adware/Kingporn No disinfected C:\DOCUME~1\ASHWIN~1\LOCALS~1\Temp\ExtractDLL.dll
Spyware:Spyware/SurfSideKick No disinfected Windows Registry
Adware:Adware/Transponder No disinfected C:\DOCUME~1\ASHWIN~1\LOCALS~1\Temp\DrTemp
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\ashwin verma\Favorites\1111\1111.url
Adware:Adware/Searchforit No disinfected C:\Program Files\sf
Adware:Adware/SearchTheWeb No disinfected C:\Documents and Settings\ashwin verma\Desktop\Search The Web.LNK
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\ashwin verma\Favorites\1111\1111.url
Virus:Exploit/iFrame Disinfected Personal Folders\Deleted Items\Look,my beautiful girl friend\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Re:ashwin,congratulations
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Fw: Inner Peace\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\A special new website\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Loan from Citibank\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Let's be friends\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Jan 29 2003 14\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Eager to see you\MSG_RTF.TXT
Adware:Adware/Envolo No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\AutoUpdate0\setup.inf
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\cfin[cfin]
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\cfout.txt
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\cln17.tmp
Spyware:Spyware/SafeSurf No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\ExtractDLL.dll
Adware:Adware/eZula No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\temp.fr5501\eapbh.dll
Adware:Adware/Transponder No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\temp.fr994A
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temp\uninstall.exe
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\0HQFGT6J\virus[1].bmp
Virus:Trj/Delf.EB Disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\49IRW5IN\29[1].bin
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\49IRW5IN\drugs-ico[1].bmp
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\49IRW5IN\drugs[1].bmp
Adware:Adware/Startpage.XM No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\6X4VIL8H\My404[1].exe
Adware:Adware/MyWebSearch No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\6X4VIL8H\newmajorse2[1].cab
Adware:Adware/MyWebSearch No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\6X4VIL8H\newmajorse2[1].cab[newmajorse2.txt]
Virus:Trj/Favadd.G Disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\6X4VIL8H\sfita[1].exe
Virus:Trj/Downloader.COY Disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\8D0BWN0F\aun_0027[1].exe
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\8D0BWN0F\fav.cat[1].php
Adware:Adware/MediaTickets No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\A1O9ONCV\pubanrs[1].htm
Adware:Adware/DealHelper No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\BAOVFX8D\download[3].htm
Adware:Adware/WinTools No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CLE3ST23\56[1].bin
Adware:Adware/MediaTickets No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CLE3ST23\mtrslib2[1].js
Adware:Adware/WinTools No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CLE3ST23\TBPS[1].cab[TBPS.exe]
Adware:Adware/Envolo No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\AutoUpdaterInstaller[1].exe
Adware:Adware/Apropos No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\auto_update[1]
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\default.tbr[1].php
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\fav-ico[1].bmp
Adware:Adware/AlwaysupdatednewsNo disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\inst25[1].exe
Adware:Adware/Transponder No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\CPUJ85QR\Nail[1].exe
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\D7BBLLSE\casino[1].bmp
Virus:VBS/Psyme.C No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\D7BBLLSE\TRACK6[1].CHM[track6.htm]
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\GR6H2DIZ\adult.tbr[1].php
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\GR6H2DIZ\drugs.cat[1].php
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\GR6H2DIZ\kwlist2[1].exe
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\K5M34163\search.mnu[1].php
Adware:Adware/Sqwire No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\K5M34163\tsupdate[1].ini
Adware:Adware/AlwaysupdatednewsNo disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\M5OFEXA5\inst12[1].exe
Adware:Adware/DealHelper No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\OBTJU6FH\downloaddll[1].htm
Adware:Adware/PortalScan No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\QT7WT8RY\61[1].bin
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\QT7WT8RY\adult.tbr[1].php
Adware:Adware/Apropos No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\QT7WT8RY\AproposClientInstaller[1].exe
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\QT7WT8RY\dating[1].bmp
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\S1I34D2F\casino-ico[1].bmp
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\S1I34D2F\dating-ico[1].bmp
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\S1I34D2F\fav[1].bmp
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\S961AXWT\151[1].bin
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\S961AXWT\trk_0006[1].exe
Adware:Adware/MyWebSearch No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\STQZK1QF\TBPSSvc[1].cab[TBPSSvc.exe]
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\U3M90HY1\EULA[1].ctxt[EULA[1].ctxt]
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\W1STAR4D\search.mnu[1].php
Adware:Adware/Apropos No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\WX6ZW1UZ\51[1].bin
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\ashwin verma\Local Settings\Temporary Internet Files\Content.IE5\WX6ZW1UZ\default.tbr[1].php
Virus:Exploit/iFrame Disinfected Personal Folders\Deleted Items\Look,my beautiful girl friend\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Re:ashwin,congratulations
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Fw: Inner Peace\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\A special new website\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Loan from Citibank\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Let's be friends\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Jan 29 2003 14\MSG_RTF.TXT
Virus:Exploit/iFrame Disinfected Personal Folders\Inbox\Ashwin-Digitalroot\Eager to see you\MSG_RTF.TXT
Spyware:Spyware/SafeSurf No disinfected C:\Documents and Settings\debbie valentin\Local Settings\Temp\ExtractDLL.dll
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\07D08545-7266-4393-87BB-0C05C8\4AC6AB35-26A2-486F-A9BE-8AC86B
Virus:Trj/Clicker.CY Disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\189CCB73-7014-4403-A162-BA93A4\1D34216D-54D0-41F4-9810-813B9B
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\3880C9BD-06DD-458C-BD5D-7ABE69\7A9C9618-57F1-422B-8926-6405AF
Virus:Trj/Clicker.CZ Disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4002922A-61CB-40BD-B9BB-3B4166\1F7E2C25-32B2-474D-99DE-5C575A
Adware:Adware/ClkOptimizer No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4002922A-61CB-40BD-B9BB-3B4166\4454AD37-3C54-41A0-9834-D9F039
Adware:Adware/ClkOptimizer No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4002922A-61CB-40BD-B9BB-3B4166\76F4C43E-8706-426D-8875-02B631
Adware:Adware/ClkOptimizer No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4002922A-61CB-40BD-B9BB-3B4166\83A921CA-96F9-43BF-8D27-6BEE5B
Adware:Adware/ClkOptimizer No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4002922A-61CB-40BD-B9BB-3B4166\FABC9177-52AA-4749-B1BE-8D0099
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\4FE58E44-ACC7-481A-8562-707CA8\F82C9C2A-2389-4A04-84D1-FB57F8
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\54AD9D2E-5C73-41A0-864C-C1E86F\254E009F-51B4-4542-8ADB-17CB94
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\764779F7-45FF-4BEC-88BB-A7AFD6\B155FDB0-3A7C-4963-95BC-77921F
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\770CFB21-DBF2-416B-81EE-1260D8\08D18821-3D2B-4D77-BFE3-D83CAD
Virus:Trj/Clicker.DJ Disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B4A25E3D-1019-452B-9466-F08D49\9C1E8434-266C-4B7F-A054-324C43
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\D4DE0BF3-68CC-4F1B-A42C-8CCB37\3D827BB6-0146-4471-8C58-BC57B1
Adware:Adware/Transponder No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\FEAB7E63-6A42-4B4D-8734-33D7BC\608FACD9-E6C3-4182-9AC7-EEC5A9
Adware:Adware/Pacimedia No disinfected C:\Program Files\Windows Media Player\OLD6C.tmp
Adware:Adware/AlwaysupdatednewsNo disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Adware:Adware/BookedSpace No disinfected C:\WINDOWS\dpnxstbe.exe
Adware:Adware/Transponder No disinfected C:\WINDOWS\Nail.exe
Virus:Trj/Downloader.ANX Disinfected C:\WINDOWS\system\QBUninstaller.exe
Adware:Adware/SearchTheWeb No disinfected C:\WINDOWS\system32\Cache\mswinstall.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\dbxnxc.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\dbxnxd.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\dbxnxf.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\hhajebl.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\hjifycr.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\hlimyag.exe
Adware:Adware/Apropos No disinfected C:\WINDOWS\system32\hlpkmgr.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\huatego.dll
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\mxfglc.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\mxfgld.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\mxfglf.exe
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\system32\ps1.exe
Virus:Trj/Multidropper.XI Disinfected C:\WINDOWS\system32\Qool.exe
Virus:Trj/Downloader.BJG Disinfected C:\WINDOWS\system32\SSK3_B5 Seedcorn 4.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\unpack.exe
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.008
Virus:Trj/Clicker.CX Disinfected C:\WINDOWS\system32\wmconfig.cpl
Adware:Adware/Transponder No disinfected C:\WINDOWS\ttnnge.exe

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:07 PM

Posted 27 May 2005 - 12:00 AM

I suggest you post a HijackThis log for examination.

Read the pinned post in the HijackThis forum, here
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users