Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help


  • Please log in to reply
3 replies to this topic

#1 Trevor 1

Trevor 1

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 21 February 2007 - 09:58 AM

I got myself mixed up in some spy ware and virus's and need help bad I have tryed eveything.

I have ran AVG,House call,Ad Aware,spybot,another one that was recomended and I also just put the new norton on as well. I still have a problem my system runs deadly slow. I need help bad the only thing I havn't tryed is HIJACK This which seems to have help alot of people who ccould step me through this and help fix my issue.

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:07:14 PM

Posted 21 February 2007 - 11:29 AM

Posted Image to BC. Are you meaning AVG Free antivirus? Norton is what we call a resource hogger taking a lot of speed away. In order to rule out further malware issues you cdould run microsft online test take the long one and post back any results.

If that doesn't bring a lot please follow these steps :

• Defrag your system. Disk fragmentation slows the overall performance of your system. When files are fragmented, the computer must search the hard disk when a file is opened. Disk Defragmenter consolidates fragmented files and folders on the hard disk so that each occupies a single space on the disk. This speeds up reading and writing to the disk. Read "The Importance of Disk Defragmentation" for instructions.

• Check for disk errors by running CHKDSK. CHKDSK can be run from the Recovery Console, the command prompt or through the Windows GUI.
To run chkdsk from the Win XP GUI see these instructions.
To run chkdsk from the command prompt see these instructions.
To run chkdsk from the Recovery Console see these instructions.
The problem with running CHKDSK from Win XP is that it will not check files that are being used by Windows. Using chkdsk in the Recovery Console with the /r switch is a way to resolve this.

• Check for damaged, altered or missing critical system files by running the System File Checker. If SFC discovers that a protected file has been damaged, altered or missing, it restores the correct version of the file from the cache folder. You must be logged on as an administrator or as a member of the Administrators group to run sfc and it may ask you to insert your XP Installation CD so have it available.

• Clean up your hard drive by removing unused programs and transferring old data, pictures, music files to a CD or an external hard drive. When you have moved/saved the files you want to keep, run Disk Cleanup and let it scan your system for files to remove. "Don’t clean out the Prefetch folder" - This is a common myth that will not improve performance.

• Check for any unnecessary running services. If you have a typical installation, many services are configured as "automatic"; that is, they start automatically when the system starts or when the service is called for the first time. Use "Black Viper's Services Configuration" to help fine tune this area.

• Check for any unnecessary applications loading at startup when Windows boots with MSConfig. Some startup programs are necessary so be careful what you disable. If you are unsure what any of the startup entries are or if they are safe to disable, then search one of the following Startup Databases:
Startup Programs Database
StartupList Index

Note: MSConfig.exe is a troubleshooting utility used to diagnose system configuration issues. Although it works as a basic startup manager which allows you to enable/disable auto-start programs, msconfig should not be used routinely to disable startup programs.

A better alternative is to use a startup manager. If you have have Spybot S&D 1.4 installed, launch it, go to Mode and select Advanced. Then go to Tools, select System Startups. You will be provided with a list of programs that load when Windows starts. If you untick an entry it will no longer run at startup. This will allow you to experiment and see how your system performs with any of them disabled. Other startup managers you can download and use for free are Startup Control Panel, Autoruns and Starter by CodeStuff.

• Remove any third party "Memory Manager" or "Optimizer". Windows XP memory management was designed to make the best use of Ram and these memory management utilities defeat that purpose. They push applications out of RAM into the pagefile, creating holes in the RAM and by doing so, slow down your computer.

• Disable some visual effects. While visual embellishments that may be attractive, they don’t do anything else for you. Disabling some of them frees up system resources and makes the operating system perform better. Right click My Computer, choose > Properties > Advanced, click on "Settings" under performance...UNcheck all the visual effects, except for the last three. Click "Apply", then "OK", then "OK" again. Then right click your desktop and choose > Properties > Appearance > "Effects...Uncheck the first two boxes and hit "OK".

#3 Trevor 1

Trevor 1
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 21 February 2007 - 07:23 PM

I ran Bit Defender on my system and it founs some problems but was unable to repair them. Here is the report.


<HTML>
<HEAD>
<TITLE>BitDefender Online Scanner -Scan Report</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<meta name="generator" content="Namo WebEditor v5.0(Trial)">
</HEAD>
<BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >


<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
<tr>
<td width="458">
<p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender
Online Scanner</b></span></font></p>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>
<tr>
<td colspan="3" width="912">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan report generated
at: Wed, Feb 21, 2007 - 20:08:45</b></span></font></p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>&nbsp;</b></span></font></p>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>Scan
path: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;</span></font></p>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>&nbsp;</b></span></font></p>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Statistics</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Time</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">02:09:26</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">717285</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Folders</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">2693</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Boot Sectors</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">2</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">2259</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Packed Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">57802</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>



<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Results</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Identified Viruses </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">12</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Infected Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">43</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Suspect&nbsp;Files </font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Disinfected</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Deleted Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">51</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Engines Info</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Virus Definitions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">389396</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Engine build</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">14</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archive plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">38</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Unpack plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">E-mail plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">System&nbsp;plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">1</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scan Settings</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">First Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Disinfect</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Second Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Delete</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Heuristics</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Enable Warnings</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scanned Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">*;</font></p>
</td>
</tr>

<tr>
<td width="57%">
<p><font face="Arial" size="2">Exclude Extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">&nbsp;</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Emails</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Packed</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Files</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Scan Boot</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Yes</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p>&nbsp;</p>
</td>
<td width="10%">
<p>&nbsp;</p>
</td>
</tr>

<tr>
<td colspan=2> &nbsp;
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="252" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Scanned File</b></font></p>
</td>
<td width="195" bgcolor="#CCCCCC" align="right">
<p align="left"><b><font size="2" face="Arial">&nbsp;Status</font></b></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\anlidig.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Busky.2.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\anlidig.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\anlidig.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\b104.exe.bac_a01500=>(Quarantine-4)=>(NSIS o)=>lzma_solid_nsis0002</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Small.BUY</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\b104.exe.bac_a01500=>(Quarantine-4)=>(NSIS o)=>lzma_solid_nsis0002</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\b104.exe.bac_a01500=>(Quarantine-4)=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\dsvyiie.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\dsvyiie.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\dsvyiie.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\elwktjl.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\elwktjl.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\elwktjl.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\FOYGq2JV9B[1].exe.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Busky.2.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\FOYGq2JV9B[1].exe.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\FOYGq2JV9B[1].exe.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\kusbfkf.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\kusbfkf.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\kusbfkf.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\mwjglkk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\mwjglkk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\mwjglkk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\olwyhnk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\olwyhnk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\olwyhnk.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\rlfiqwn.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Busky.2.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\rlfiqwn.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\rlfiqwn.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\skxckyb.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Busky.2.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\skxckyb.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\skxckyb.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\system.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.A</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\system.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\system.dll.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\temp.frADE7.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.B</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\temp.frADE7.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\.housecall6.6\Quarantine\temp.frADE7.bac_a01500=>(Quarantine-4)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\kusbfkf.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\kusbfkf.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\kusbfkf.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Delete failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\olwyhnk.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Obfus.Gen</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\olwyhnk.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Trevor\Local Settings\Application Data\olwyhnk.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Delete failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP47\A0009462.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Purityscan.C</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP47\A0009462.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP47\A0009462.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP47\A0009462.exe=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP48\A0009543.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: MemScan:Trojan.Vundo.AD</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP48\A0009543.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP48\A0009543.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009614.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.B</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009614.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009614.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009616.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.B</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009616.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009616.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009625.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.2073.A</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009625.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009625.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009628.ocx</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Detected with: Adware.Promulgate</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009628.ocx</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009628.ocx</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009761.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Purityscan.C</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009761.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009761.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009761.exe=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009763.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.A</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009763.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009763.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009764.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.A</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009764.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009764.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009771.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Matcash.B</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009771.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009771.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009773.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: Trojan.Downloader.Purityscan.C</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009773.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009773.exe=>(NSIS o)=>zlib_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP49\A0009773.exe=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Update failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP50\A0009798.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: MemScan:Trojan.Vundo.AF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP50\A0009798.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Disinfection failed</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP50\A0009798.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Deleted</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{630317A8-B241-40CE-B2CE-1587E03C9CF2}\RP50\A0009801.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infected with: MemScan:Trojan.Vundo.AD</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_res

#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:07:14 PM

Posted 21 February 2007 - 08:28 PM

You have a mix of infections.Most of them in your restore points and in the quarantaine of trend house micro. Do you have that installed? anyway please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. About half way down are instructions for downloading HijackThis and creating a log.

When you have done that, post a log in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log here.

After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users