When I run Anti-Malware, it automatically closed after I tried scanning. When I tried to open it again, it says "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
The same happens for UnHackMe, HJT, Rootkit Repealer. DDS just closes automatically.
I was able to do a Kaspersky Online Scan. I got rid of the xa.tmp thing, and I know the mirc.exe results are fine, but how do I fix the rest?
This thread seems very relevant: cannot run dds or rootrepeal.
His previous thread shows that he pretty much has the same virus as me, but I'm too scared to try anything, lol.
Pasted in Online Scan ~ OB
Saturday, September 5, 2009
Operating system: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 220.127.116.11
Last database update: Saturday, September 05, 2009 07:32:17
Records in database: 2748374
scan using the following database extended
Scan archives yes
Scan e-mail databases yes
Scan area Critical areas
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\Peter\Start Menu\Programs\Startup
Objects scanned 33401
Threats found 4
Infected objects found 15
Suspicious objects found 0
Scan duration 03:17:21
File name Threat Threats count
svchost.exe\0669C092.x86.dll/svchost.exe\0669C092.x86.dll Infected: Trojan-Spy.Win32.Agent.azpj 4
globalroot\Device\__max++>\0669C092.x86.dll/globalroot\Device\__max++>\0669C092.x86.dll Infected: Trojan-Spy.Win32.Agent.azpj 6
spoolsv.exe\0669C092.x86.dll/spoolsv.exe\0669C092.x86.dll Infected: Trojan-Spy.Win32.Agent.azpj 1
explorer.exe\0669C092.x86.dll/explorer.exe\0669C092.x86.dll Infected: Trojan-Spy.Win32.Agent.azpj 1
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 1
C:\WINDOWS\system32\xa.tmp Infected: Trojan.Win32.Vilsel.a 1
Selected area has been scanned.
Edited by Orange Blossom, 05 September 2009 - 04:07 PM.