Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A-squared Scan Results


  • This topic is locked This topic is locked
2 replies to this topic

#1 Simonjs

Simonjs

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:44 AM

Posted 26 June 2006 - 06:03 PM

http://www.bleepingcomputer.com/forums/t/55351/instant-messenger-virus/

after clearing my computer of the above Instant Messaging Virus (a win.32 type virus or something similar i believe) i now have quite a few results from my last A-2 scan.


a-squared Report
Scan started: 06/26/2006 21:25:43
Scan finished: 06/26/2006 22:07:23
Scan duration: 0h 41min 40sec
Scanned files: 116020
Infected files: 30

Object Diagnosis
C:\Documents and Settings\PAUL\Application Data\spamextract Trace.Directory.OemjiBar
C:\Documents and Settings\PAUL\Local Settings\temp\ni.uwfx5lp_0001_0803 Trace.Directory.WinFixer_2005
C:\Documents and Settings\PAUL\trace.log Trace.File.ErrorSafe
C:\Documents and Settings\PAUL\Local Settings\temp\iinstall.exe Trace.File.ISTbar
C:\Documents and Settings\PAUL\Local Settings\temp\mssserif120.fon Trace.File.Suspicious
C:\WINDOWS\downloaded program files\installer.inf Trace.File.Suspicious
C:\Documents and Settings\PAUL\Local Settings\temp\iinstall.exe Trace.File.TrojanDownloader
Value: HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser --> {804db5c7-31e6-4885-850a-f1941b58a4c7} Trace.Registry.OemjiBar
C:\Documents and Settings\All Users\Start Menu\Programs\block checker Trace.Directory.Block Checker
C:\Documents and Settings\All Users\Start Menu\Programs\block checker\block checker Trace.Directory.Block Checker
C:\Program Files\block checker Trace.Directory.Block Checker
C:\WINDOWS\downloaded program files\directanimation java classes.osd Trace.File.IntermixMedia.PowerSearch
C:\!KillBox\( 1) Trojan-Downloader.Win32.IstBar.nh
C:\!KillBox\A0150108.exe Adware.Gator.6104
C:\!KillBox\MediaAccC.dll Adware.WinAD.am
C:\!KillBox\TBPS.exe Adware.WebSearch.af
C:\!KillBox\temp.fr2C1E Adware.WinAD.am
C:\!KillBox\ZQ61.tmp Adware.BHO.Chiem.a
C:\!KillBox\ZQ62.tmp Adware.BHO.Chiem.a
C:\!KillBox\ZQ63.tmp Adware.Win32.Chiem.a
C:\Documents and Settings\PAUL\Cookies\paul@adserver.terra.com[1].txt Trace.TrackingCookie
C:\Documents and Settings\PAUL\Cookies\paul@adserver.virgin[1].txt Trace.TrackingCookie
C:\Documents and Settings\PAUL\Cookies\paul@server.iad.liveperson[1].txt Trace.TrackingCookie
C:\Documents and Settings\PAUL\Local Settings\Temp\iinstall.exe Trojan-Downloader.Win32.IstBar.nt
C:\RECYCLER\S-1-5-21-3337191106-1861640864-2316557323-1006\Dc31\Process.exe Riskware.RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP667\A0149715.exe Trojan-Downloader.Win32.Zlob.sh
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP668\A0149769.exe Riskware.RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP668\A0149782.exe Riskware.RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP668\A0149799.exe Trojan-Downloader.Win32.Zlob.rq
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP736\A0152562.exe Riskware.RiskTool.Win32.Processor.20

BC AdBot (Login to Remove)

 


m

#2 Kyle

Kyle

  • Members
  • 330 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Adelaide, SA
  • Local time:04:14 PM

Posted 26 June 2006 - 06:18 PM

I suggest you post a HiJack This log, Simonjs :thumbsup:

Regards,
Kyle

Edited by Djk, 26 June 2006 - 06:20 PM.

Regards,
Kyle

#3 Scarlett

Scarlett

    Bleeping Diva


  • Members
  • 7,479 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:As always I'm beside myself ;)
  • Local time:12:44 AM

Posted 26 June 2006 - 06:47 PM

Simonjs has now posted a log here: http://www.bleepingcomputer.com/forums/t/56730/a-squared-results/

So in order to avoid any confusion, this topic will now be closed.

Edited by Scarlett, 26 June 2006 - 06:56 PM.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users