Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help Removing Virusbust


  • Please log in to reply
3 replies to this topic

#1 MDCasino

MDCasino

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 26 September 2006 - 05:20 AM

Hi , i have dled the trojan known that contains VirusBurst. I have gone through all the steps on this site for specifically deleting that file. I thought it was gona but im still getting pop ups saying i have a virus , and i still have that blinkning yellow caution sign in my tool box from time to time telling me of a virus.

This is the task (notpad File) from the Rouge Scan Fix folder



Export SharedTaskScheduler key
------------------------------
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"



And here is the log from pandasoftware.com
(sorry for the bad layout)



Incident Status Location

Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-16eaa3e7-3c3652fe.zip[BlackBox.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-16eaa3e7-3c3652fe.zip[VB.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-16eaa3e7-3c3652fe.zip[Dummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-16eaa3e7-3c3652fe.zip[Beyond.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-78f81425-5f0fb399.zip[BlackBox.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-78f81425-5f0fb399.zip[VB.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-78f81425-5f0fb399.zip[Dummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-78f81425-5f0fb399.zip[Beyond.class]
Virus:Trj/ClassLoader.C Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-20ec9fdc-4cf01edf.zip[Counter.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-20ec9fdc-4cf01edf.zip[Dummy.class]
Virus:Trj/Downloader.AUY Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-20ec9fdc-4cf01edf.zip[Matrix.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3dbcfe4d-3519aff0.zip[BlackBox.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3dbcfe4d-3519aff0.zip[VerifierBug.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3dbcfe4d-3519aff0.zip[Dummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3dbcfe4d-3519aff0.zip[Beyond.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-484c3c35-7628cf8a.zip[BlackBox.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-484c3c35-7628cf8a.zip[VerifierBug.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-484c3c35-7628cf8a.zip[Dummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-484c3c35-7628cf8a.zip[Beyond.class]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt
Spyware:Cookie/7search Not disinfected C:\Documents and Settings\Owner\Cookies\owner@7search[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adrevolver[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adrevolver[3].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Owner\Cookies\owner@apmebf[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Owner\Cookies\owner@as-us.falkag[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atwola[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Owner\Cookies\owner@azjmp[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Owner\Cookies\owner@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\owner@belnk[1].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Owner\Cookies\owner@bfast[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Owner\Cookies\owner@bluestreak[2].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Owner\Cookies\owner@bravenet[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt
Spyware:Cookie/Casinodelrio Not disinfected C:\Documents and Settings\Owner\Cookies\owner@casinodelrio[2].txt
Spyware:Cookie/Casinotropez Not disinfected C:\Documents and Settings\Owner\Cookies\owner@casinotropez[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ccbill[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[6].txt
Spyware:Cookie/Clubdicecasino Not disinfected C:\Documents and Settings\Owner\Cookies\owner@clubdicecasino[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Cookies\owner@com[1].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter.hitslink[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter1.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter13.sextracker[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter14.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter3.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@counter8.sextracker[1].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cs.sexcounter[2].txt
Spyware:Cookie/Dbbsrv Not disinfected C:\Documents and Settings\Owner\Cookies\owner@dbbsrv[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\owner@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Owner\Cookies\owner@drivecleaner[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ehg-ads.hitbox[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ehg-sonycomputer.hitbox[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Owner\Cookies\owner@errorsafe[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Owner\Cookies\owner@fortunecity[2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Owner\Cookies\owner@go[1].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@hc2.humanclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Owner\Cookies\owner@hotlog[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Owner\Cookies\owner@maxserving[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt
Spyware:Cookie/Media-motor Not disinfected C:\Documents and Settings\Owner\Cookies\owner@mmm.media-motor[1].txt
Spyware:Cookie/Outster Not disinfected C:\Documents and Settings\Owner\Cookies\owner@outster[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\Cookies\owner@overture[1].txt
Spyware:Cookie/PayCounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@paycounter[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\Owner\Cookies\owner@qksrv[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Owner\Cookies\owner@searchportal.information[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Owner\Cookies\owner@sexlist[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Owner\Cookies\owner@sextracker[1].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Owner\Cookies\owner@spylog[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@statcounter[2].txt
Spyware:Cookie/Clicktracks Not disinfected C:\Documents and Settings\Owner\Cookies\owner@stats1.clicktracks[2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive[1].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Owner\Cookies\owner@targetnet[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Owner\Cookies\owner@target[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Owner\Cookies\owner@winfixer[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.drivecleaner[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.errorsafe[1].txt
Spyware:Cookie/Golden Palace Online Casino Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.goldenpalace[2].txt
Spyware:Cookie/VirusBurst Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.virusburst[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Owner\Cookies\owner@xiti[1].txt
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@xxxcounter[2].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Owner\Cookies\owner@yadro[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\smitRem.exe[smitRem/Process.exe]
Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Ssk.log
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Susan\Cookies\susan@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Susan\Cookies\susan@doubleclick[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Susan\Cookies\susan@questionmarket[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Roguescanfix\Process.exe
Potentially unwanted tool:Application/Psshutdown.A Not disinfected C:\Program Files\Winamp\Skins\EPS2[1].wal[shutdown.exe]
Potentially unwanted tool:Application/Psshutdown.A Not disinfected C:\Program Files\Winamp\Skins\EPS_High-End_System_v1_test[1].wal[shutdown.exe]
Adware:Adware/MPCodec Not disinfected C:\Program Files\WinMediaCodec\pmmon.exe
Adware:Adware/MPCodec Not disinfected C:\Program Files\WinMediaCodec\pmsngr.exe
Adware:Adware/EMediaCodec Not disinfected C:\Program Files\WinMediaCodec\uninst.exe
Potentially unwanted tool:Application/Zango Not disinfected C:\WINDOWS\Downloaded Program Files\ClientAX.inf
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\inf\mmaker2.inf
Adware:adware/ieplugin Not disinfected C:\WINDOWS\kwv2.dat
Potentially unwanted tool:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
Virus:W32/Gaobot.FQG.worm Disinfected C:\WINDOWS\system32\fprotsvc.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\n?lookup.exe
Spyware:spyware/adclicker Not disinfected C:\WINDOWS\usta32.ini



Help would be greatly appreciated . :thumbsup: :flowers: :trumpet:

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:41 AM

Posted 26 September 2006 - 09:36 AM

If the self-help guide did not work and your using Win XP or 2000, try this alternate fix:

First, print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Then please download, install and update Ewido Anti-Spyware v4.0. DO NOT perform a scan yet.
Print out the Ewido Install and Scan Instructions.

Go here and follow the instructions for using SmitfraudFix. Read "How to create/extract a ZIP File in Win ME/XP/2003" or "How to create/extract a ZIP File in Win 9x/2000" if your not sure how to do this.

After using the tool reboot again in "SAFE MODE" and Clean out your Temporary Internet files as follows:
  • Quit Internet Explorer and quit any instances of Windows Explorer.
  • Click Start, click Control Panel, and then double-click Internet Options.
  • On the General tab, click "Delete Files" under Temporary Internet Files.
  • In the Delete Files dialog box, tick the "Delete all offline content check box", and then click "OK".
  • On the General tab, click "Delete Cookies" under Temporary Internet Files, and then click "OK".
  • Click on the Programs tab then click the Reset Web Settings button. Click "Yes" when asked if you want to reset the settings, then "OK".
  • Click "OK" again to exit.
Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.

Then scan with Ewido per the instructions you printed out and reboot back to normal mode.

Clear the Java Runtime Environment (JRE) cache. To do this:
  • Click Start > Control Panel.
  • Double-click the Java icon in the control panel.
    -The Java Control Panel appears.
  • Click "Settings" under Temporary Internet Files.
    -The Temporary Files Settings dialog box appears.
  • Click "Delete Files".
    -The Delete Temporary Files dialog box appears.
    -There are three options on this window to clear the cache.
    • Delete Files
    • View Applications
    • View Applets
  • Click "OK" on Delete Temporary Files window.
    -Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click "OK" on Temporary Files Settings window.
  • Close the Java Control Panel.
You can also view these instructions along with graphics here.

When done, perform a new Panda ActiveScan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 MDCasino

MDCasino
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 26 September 2006 - 04:52 PM

I did everything and im not getting the message anymore. I did the pandascan and the results...


Incident Status Location

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\smitRem.exe[smitRem/Process.exe]
Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Ssk.log
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Susan\Cookies\susan@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Susan\Cookies\susan@doubleclick[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Susan\Cookies\susan@questionmarket[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Roguescanfix\Process.exe
Potentially unwanted tool:Application/Psshutdown.A Not disinfected C:\Program Files\Winamp\Skins\EPS2[1].wal[shutdown.exe]
Potentially unwanted tool:Application/Psshutdown.A Not disinfected C:\Program Files\Winamp\Skins\EPS_High-End_System_v1_test[1].wal[shutdown.exe]
Potentially unwanted tool:Application/Zango Not disinfected C:\WINDOWS\Downloaded Program Files\ClientAX.inf
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\inf\mmaker2.inf
Adware:adware/ieplugin Not disinfected C:\WINDOWS\kwv2.dat
Potentially unwanted tool:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\n?lookup.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Spyware:spyware/adclicker Not disinfected C:\WINDOWS\usta32.ini


It looks alot better than last time. I believe it is gone. Thanx alot , i really aprreciate it. Just LMK if theres anything serius among the 19 thinkgs panda found. once again thanx , your the best! :thumbsup: :flowers:

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:41 AM

Posted 26 September 2006 - 05:07 PM

Your Panda log is looking much better. It is still showing a few things that can be manually deleted but it is also showing signs of a PurityScan Infection which you may need some help removing. This is best done by creating a hijackthis log and doing some more investigation in case Panda missed some bad files.

Please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may even have performed some of these steps already.

When you have done that, post a log in the HijackThis Logs and Analysis Forum, not here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. Be sure to post your Panda ActiveScan log along with your hijackthis log.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.

It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. Please be patient. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have no replies as this makes it easier for them to identify those who have not been helped. If you post another response, a team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log here.

After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and complicate the malware removal process.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users