This topic is locked
newbe17
WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93124 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
[Resolved] Need to get rid of Virtumonde and Win32.TDSS.rtk.
Started by
Neo
, Mar 09 2009 04:15 PM
139 replies to this topic
#16
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 01:35 PM
newbe17
Best
Wishes,
Wishes,
Neo
Register to Remove
#17
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 01:38 PM
newbe17,
We are not done with Worknow.com so just leave it for now.
Please download ZipIt from here:
Download 1
Download 2
Then
Hosts File Corrupted
Download HostsXpert v4.3 and unzip it to your computer, somewhere where you can find it.
Now, please give me a new HijackThis log.
We are not done with Worknow.com so just leave it for now.
Please download ZipIt from here:
Download 1
Download 2
- Double-click ZipIt! to run it.
- Then copy the content of the following codebox into the textfield:
::info:: newbe17 ::bleeping:: 73 c:\program files\xveiih.exe
- Then, just click the Zip button.
- When finished, and if successful, a new file will have been created on your Desktop. You will be notified of what the file name is when the process has been completed.
Then
Hosts File Corrupted
Download HostsXpert v4.3 and unzip it to your computer, somewhere where you can find it.
- Double click on HostsXpert.exe to launch the program.
- Click on Restore MS Hosts File to restore your Hosts file to its default condition.
- Click on Make ReadOnly to secure it against further infection.
- Exit the program.
Now, please give me a new HijackThis log.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#18
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 09:17 PM
TomK,
My apologies for the second thread 
Like you said, I was getting inpatient. I downloaded the zip it program and attempted to run it and this happened... A box appeared that said: To run this application, you must first obtain the following version of .NET Framework: v2.0.50727 Contact your application publisher for instructions about obtaining the appropriate version. Here I sit...
newbe17 
Like you said, I was getting inpatient. I downloaded the zip it program and attempted to run it and this happened... A box appeared that said: To run this application, you must first obtain the following version of .NET Framework: v2.0.50727 Contact your application publisher for instructions about obtaining the appropriate version. Here I sit...
newbe17
Best
Wishes,
Wishes,
Neo
#19
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 09:29 PM
Tomk,
who is my application publishe so I will know where to find the site to download .NET Framework?
Best
Wishes,
Wishes,
Neo
#20
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 09:29 PM
newbe17,
This will do the same thing, just not automatically.
Please visit this site and follow the instructions for uploading the c:\program files\xveiih.exe file.
This will do the same thing, just not automatically.
Please visit this site and follow the instructions for uploading the c:\program files\xveiih.exe file.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#21
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 09:46 PM
Tomk,
I submitted the file.
newbe17
Best
Wishes,
Wishes,
Neo
#22
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 09:56 PM
newbe17,
I've got it. Thank you.
Go ahead and install HostsXpert.
Please go to Kaspersky website and perform an online antivirus scan.
Then give me a HijackThis log and also let me know if things are better.
I've got it. Thank you.
Go ahead and install HostsXpert.
Please go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
- Please post this log in your next reply.
Then give me a HijackThis log and also let me know if things are better.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#23
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 10:16 PM
Tomk,
after I clicked on restore hosts file , I got an error box telling me cannot create file C:\WINDOWS\system32\DRIVERS\ETC\hosts
what to do now?
newbe17
what to do now?
newbe17
Best
Wishes,
Wishes,
Neo
#24
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 10:40 PM
newbe17,
Let's do it different then.
Disable resident protections (Antivirus...); you'll re-enable them after the scan
Download Lop S&D < here
Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)
(by the way. The file you uploaded is OK)
Let's do it different then.
Disable resident protections (Antivirus...); you'll re-enable them after the scan
Download Lop S&D < here
Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)
(by the way. The file you uploaded is OK)
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#25
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 10:59 PM
Tomk,
thanks, here's the log:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Sempron™ Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Compaq_Owner ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090312-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:61 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Fri 03/13/2009|23:51 )
--------------------\\ Listing folders in APPLIC~1
[08/08/2005|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/13/2005|04:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/13/2005|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
[10/30/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[08/08/2005|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[08/04/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Insight Software Solutions
[08/08/2005|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/08/2005|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[07/28/2006|08:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[06/16/2007|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[07/30/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/08/2005|05:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/13/2009|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/13/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/14/2006|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[11/13/2005|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[07/29/2008|09:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Adobe
[08/08/2005|05:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Apple Computer
[10/05/2008|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> DivX
[01/09/2008|10:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> HPQ
[07/13/2005|11:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Identities
[10/01/2008|04:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> InterVideo
[08/08/2005|05:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Intuit
[06/13/2008|04:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Macromedia
[07/30/2008|12:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Malwarebytes
[07/29/2008|09:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Microsoft
[03/12/2009|08:57] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Mozilla
[10/02/2008|02:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> SampleView
[06/12/2008|09:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Sun
[08/08/2005|06:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Symantec
[12/22/2007|10:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Thunderbird
[08/08/2005|05:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Apple Computer
[07/13/2005|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/08/2005|05:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intuit
[08/08/2005|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[08/08/2005|06:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec
[08/08/2005|05:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[03/13/2009 12:21 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[10/31/2006|12:21] C:\Program Files\<DIR> 56HP92-SL Driver
[08/08/2005|05:42] C:\Program Files\<DIR> Adobe
[09/04/2006|06:04] C:\Program Files\<DIR> Alwil Software
[12/22/2007|07:47] C:\Program Files\<DIR> backups
[09/22/2006|08:53] C:\Program Files\<DIR> BestOn
[03/05/2009|06:41] C:\Program Files\<DIR> CCleaner
[03/12/2009|01:05] C:\Program Files\<DIR> Common Files
[08/08/2005|05:30] C:\Program Files\<DIR> CONEXANT
[07/31/2008|06:04] C:\Program Files\<DIR> Easy Internet signup
[03/13/2009|09:56] C:\Program Files\<DIR> Full Tilt Poker.Net
[10/06/2008|06:48] C:\Program Files\<DIR> Google
[09/27/2008|06:09] C:\Program Files\<DIR> Hewlett-Packard
[03/13/2009|06:21] C:\Program Files\<DIR> InstallShield Installation Information
[07/30/2008|05:43] C:\Program Files\<DIR> Internet Explorer
[08/08/2005|05:41] C:\Program Files\<DIR> InterVideo
[08/08/2005|05:48] C:\Program Files\<DIR> iPod
[08/08/2005|05:48] C:\Program Files\<DIR> iTunes
[06/13/2008|05:00] C:\Program Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\<DIR> Kodak
[06/16/2007|05:11] C:\Program Files\<DIR> Lavasoft
[07/08/2007|01:36] C:\Program Files\<DIR> LimeWire
[03/13/2009|01:00] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[07/13/2005|11:48] C:\Program Files\<DIR> microsoft frontpage
[11/19/2008|05:15] C:\Program Files\<DIR> Microsoft Games
[12/20/2007|07:13] C:\Program Files\<DIR> Microsoft Picture It! PhotoPub
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Dancer LE
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[08/08/2005|05:46] C:\Program Files\<DIR> Microsoft Visual Studio
[07/29/2008|09:34] C:\Program Files\<DIR> Microsoft Works
[12/22/2007|09:42] C:\Program Files\<DIR> Movie Maker
[03/13/2009|09:53] C:\Program Files\<DIR> Mozilla Firefox
[07/13/2005|11:48] C:\Program Files\<DIR> MSN
[08/08/2005|05:33] C:\Program Files\<DIR> MSN Encarta Standard
[07/13/2005|11:48] C:\Program Files\<DIR> MSN Gaming Zone
[12/22/2007|09:42] C:\Program Files\<DIR> NetMeeting
[11/13/2005|05:09] C:\Program Files\<DIR> Netscape
[09/27/2008|06:09] C:\Program Files\<DIR> Outlook Express
[08/08/2005|06:08] C:\Program Files\<DIR> PC-Doctor 5 for Windows
[08/08/2005|06:01] C:\Program Files\<DIR> PC-Doctor for DOS
[06/29/2007|09:07] C:\Program Files\<DIR> Qualcomm
[10/02/2008|04:49] C:\Program Files\<DIR> Quicken
[08/08/2005|05:49] C:\Program Files\<DIR> QuickTime
[08/08/2005|05:34] C:\Program Files\<DIR> Real
[09/22/2008|10:49] C:\Program Files\<DIR> Sonic
[01/29/2009|05:10] C:\Program Files\<DIR> Spybot - Search & Destroy
[03/09/2009|05:12] C:\Program Files\<DIR> Trend Micro
[06/13/2008|01:52] C:\Program Files\<DIR> UIU
[11/13/2005|02:56] C:\Program Files\<DIR> Viewpoint
[10/02/2008|04:50] C:\Program Files\<DIR> Windows Media Player
[12/22/2007|09:42] C:\Program Files\<DIR> Windows NT
[09/22/2006|08:52] C:\Program Files\<DIR> WMV9_VCM
[07/13/2005|11:49] C:\Program Files\<DIR> xerox
--------------------\\ Listing Folders in C:\Program Files\Common Files
[08/08/2005|05:42] C:\Program Files\Common Files\<DIR> Adobe
[08/02/2008|01:13] C:\Program Files\Common Files\<DIR> AOL
[08/08/2005|05:48] C:\Program Files\Common Files\<DIR> InstallShield
[08/08/2005|05:19] C:\Program Files\Common Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\Common Files\<DIR> Kodak
[07/29/2008|09:35] C:\Program Files\Common Files\<DIR> Microsoft Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> MSSoap
[11/13/2005|02:57] C:\Program Files\Common Files\<DIR> Nullsoft
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> Real
[10/19/2008|04:12] C:\Program Files\Common Files\<DIR> Services
[08/08/2005|05:35] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> SpeechEngines
[07/29/2008|09:34] C:\Program Files\Common Files\<DIR> System
[06/16/2007|05:09] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> xing shared
--------------------\\ Process
( 28 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
No Lop folder found !
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 23:53:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
No other infections found !
[F:3][D:2]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Fri 03/13/2009|23:53 - Option : [1]
--------------------\\ Scan completed at 23:53:54
Nebe17
thanks, here's the log:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Sempron™ Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Compaq_Owner ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090312-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:61 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Fri 03/13/2009|23:51 )
--------------------\\ Listing folders in APPLIC~1
[08/08/2005|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/13/2005|04:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/13/2005|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
[10/30/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[08/08/2005|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[08/04/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Insight Software Solutions
[08/08/2005|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/08/2005|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[07/28/2006|08:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[06/16/2007|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[07/30/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/08/2005|05:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/13/2009|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/13/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/14/2006|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[11/13/2005|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[07/29/2008|09:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Adobe
[08/08/2005|05:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Apple Computer
[10/05/2008|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> DivX
[01/09/2008|10:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> HPQ
[07/13/2005|11:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Identities
[10/01/2008|04:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> InterVideo
[08/08/2005|05:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Intuit
[06/13/2008|04:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Macromedia
[07/30/2008|12:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Malwarebytes
[07/29/2008|09:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Microsoft
[03/12/2009|08:57] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Mozilla
[10/02/2008|02:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> SampleView
[06/12/2008|09:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Sun
[08/08/2005|06:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Symantec
[12/22/2007|10:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Thunderbird
[08/08/2005|05:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Apple Computer
[07/13/2005|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/08/2005|05:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intuit
[08/08/2005|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[08/08/2005|06:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec
[08/08/2005|05:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[03/13/2009 12:21 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[10/31/2006|12:21] C:\Program Files\<DIR> 56HP92-SL Driver
[08/08/2005|05:42] C:\Program Files\<DIR> Adobe
[09/04/2006|06:04] C:\Program Files\<DIR> Alwil Software
[12/22/2007|07:47] C:\Program Files\<DIR> backups
[09/22/2006|08:53] C:\Program Files\<DIR> BestOn
[03/05/2009|06:41] C:\Program Files\<DIR> CCleaner
[03/12/2009|01:05] C:\Program Files\<DIR> Common Files
[08/08/2005|05:30] C:\Program Files\<DIR> CONEXANT
[07/31/2008|06:04] C:\Program Files\<DIR> Easy Internet signup
[03/13/2009|09:56] C:\Program Files\<DIR> Full Tilt Poker.Net
[10/06/2008|06:48] C:\Program Files\<DIR> Google
[09/27/2008|06:09] C:\Program Files\<DIR> Hewlett-Packard
[03/13/2009|06:21] C:\Program Files\<DIR> InstallShield Installation Information
[07/30/2008|05:43] C:\Program Files\<DIR> Internet Explorer
[08/08/2005|05:41] C:\Program Files\<DIR> InterVideo
[08/08/2005|05:48] C:\Program Files\<DIR> iPod
[08/08/2005|05:48] C:\Program Files\<DIR> iTunes
[06/13/2008|05:00] C:\Program Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\<DIR> Kodak
[06/16/2007|05:11] C:\Program Files\<DIR> Lavasoft
[07/08/2007|01:36] C:\Program Files\<DIR> LimeWire
[03/13/2009|01:00] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[07/13/2005|11:48] C:\Program Files\<DIR> microsoft frontpage
[11/19/2008|05:15] C:\Program Files\<DIR> Microsoft Games
[12/20/2007|07:13] C:\Program Files\<DIR> Microsoft Picture It! PhotoPub
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Dancer LE
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[08/08/2005|05:46] C:\Program Files\<DIR> Microsoft Visual Studio
[07/29/2008|09:34] C:\Program Files\<DIR> Microsoft Works
[12/22/2007|09:42] C:\Program Files\<DIR> Movie Maker
[03/13/2009|09:53] C:\Program Files\<DIR> Mozilla Firefox
[07/13/2005|11:48] C:\Program Files\<DIR> MSN
[08/08/2005|05:33] C:\Program Files\<DIR> MSN Encarta Standard
[07/13/2005|11:48] C:\Program Files\<DIR> MSN Gaming Zone
[12/22/2007|09:42] C:\Program Files\<DIR> NetMeeting
[11/13/2005|05:09] C:\Program Files\<DIR> Netscape
[09/27/2008|06:09] C:\Program Files\<DIR> Outlook Express
[08/08/2005|06:08] C:\Program Files\<DIR> PC-Doctor 5 for Windows
[08/08/2005|06:01] C:\Program Files\<DIR> PC-Doctor for DOS
[06/29/2007|09:07] C:\Program Files\<DIR> Qualcomm
[10/02/2008|04:49] C:\Program Files\<DIR> Quicken
[08/08/2005|05:49] C:\Program Files\<DIR> QuickTime
[08/08/2005|05:34] C:\Program Files\<DIR> Real
[09/22/2008|10:49] C:\Program Files\<DIR> Sonic
[01/29/2009|05:10] C:\Program Files\<DIR> Spybot - Search & Destroy
[03/09/2009|05:12] C:\Program Files\<DIR> Trend Micro
[06/13/2008|01:52] C:\Program Files\<DIR> UIU
[11/13/2005|02:56] C:\Program Files\<DIR> Viewpoint
[10/02/2008|04:50] C:\Program Files\<DIR> Windows Media Player
[12/22/2007|09:42] C:\Program Files\<DIR> Windows NT
[09/22/2006|08:52] C:\Program Files\<DIR> WMV9_VCM
[07/13/2005|11:49] C:\Program Files\<DIR> xerox
--------------------\\ Listing Folders in C:\Program Files\Common Files
[08/08/2005|05:42] C:\Program Files\Common Files\<DIR> Adobe
[08/02/2008|01:13] C:\Program Files\Common Files\<DIR> AOL
[08/08/2005|05:48] C:\Program Files\Common Files\<DIR> InstallShield
[08/08/2005|05:19] C:\Program Files\Common Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\Common Files\<DIR> Kodak
[07/29/2008|09:35] C:\Program Files\Common Files\<DIR> Microsoft Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> MSSoap
[11/13/2005|02:57] C:\Program Files\Common Files\<DIR> Nullsoft
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> Real
[10/19/2008|04:12] C:\Program Files\Common Files\<DIR> Services
[08/08/2005|05:35] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> SpeechEngines
[07/29/2008|09:34] C:\Program Files\Common Files\<DIR> System
[06/16/2007|05:09] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> xing shared
--------------------\\ Process
( 28 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
No Lop folder found !
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 23:53:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
No other infections found !
[F:3][D:2]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Fri 03/13/2009|23:53 - Option : [1]
--------------------\\ Scan completed at 23:53:54
Nebe17
Best
Wishes,
Wishes,
Neo
Register to Remove
#26
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 11:03 PM
Tomk,
the Kaspersky website link did not work.
Newbe17
Best
Wishes,
Wishes,
Neo
#27
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 11:06 PM
newbe17,
Restart Lop S&D
This time choose Option 2 (Fix + Hosts)
Don't close the window during suppression!
Post the log which is created: (%SystemDrive%\lopR.txt)
Then go right on with the Kaspersky scan. (It will probably take a couple of hours)
Restart Lop S&D
This time choose Option 2 (Fix + Hosts)
Don't close the window during suppression!
Post the log which is created: (%SystemDrive%\lopR.txt)
Then go right on with the Kaspersky scan. (It will probably take a couple of hours)
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#28
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 11:19 PM
Tomk,
the kasper link didn't work for me. here's something I know you will like to see (maybe I can get it from majorgeeks?)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Sempron™ Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Compaq_Owner ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090312-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:61 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( Sat 03/14/2009| 0:10 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX
-
[ Hosts file ] .. Restored!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Deleted! - C:\Program Files\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing folders in APPLIC~1
[08/08/2005|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/13/2005|04:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/13/2005|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
[10/30/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[08/08/2005|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[08/04/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Insight Software Solutions
[08/08/2005|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/08/2005|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[07/28/2006|08:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[06/16/2007|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[07/30/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/08/2005|05:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/13/2009|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/13/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/14/2006|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[11/13/2005|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[07/29/2008|09:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Adobe
[08/08/2005|05:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Apple Computer
[10/05/2008|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> DivX
[01/09/2008|10:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> HPQ
[07/13/2005|11:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Identities
[10/01/2008|04:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> InterVideo
[08/08/2005|05:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Intuit
[06/13/2008|04:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Macromedia
[07/30/2008|12:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Malwarebytes
[07/29/2008|09:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Microsoft
[03/12/2009|08:57] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Mozilla
[10/02/2008|02:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> SampleView
[06/12/2008|09:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Sun
[08/08/2005|06:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Symantec
[12/22/2007|10:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Thunderbird
[08/08/2005|05:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Apple Computer
[07/13/2005|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/08/2005|05:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intuit
[08/08/2005|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[08/08/2005|06:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec
[08/08/2005|05:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[03/13/2009 12:21 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[10/31/2006|12:21] C:\Program Files\<DIR> 56HP92-SL Driver
[08/08/2005|05:42] C:\Program Files\<DIR> Adobe
[09/04/2006|06:04] C:\Program Files\<DIR> Alwil Software
[12/22/2007|07:47] C:\Program Files\<DIR> backups
[09/22/2006|08:53] C:\Program Files\<DIR> BestOn
[03/05/2009|06:41] C:\Program Files\<DIR> CCleaner
[03/12/2009|01:05] C:\Program Files\<DIR> Common Files
[08/08/2005|05:30] C:\Program Files\<DIR> CONEXANT
[07/31/2008|06:04] C:\Program Files\<DIR> Easy Internet signup
[03/13/2009|09:56] C:\Program Files\<DIR> Full Tilt Poker.Net
[10/06/2008|06:48] C:\Program Files\<DIR> Google
[09/27/2008|06:09] C:\Program Files\<DIR> Hewlett-Packard
[03/13/2009|06:21] C:\Program Files\<DIR> InstallShield Installation Information
[07/30/2008|05:43] C:\Program Files\<DIR> Internet Explorer
[08/08/2005|05:41] C:\Program Files\<DIR> InterVideo
[08/08/2005|05:48] C:\Program Files\<DIR> iPod
[08/08/2005|05:48] C:\Program Files\<DIR> iTunes
[06/13/2008|05:00] C:\Program Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\<DIR> Kodak
[06/16/2007|05:11] C:\Program Files\<DIR> Lavasoft
[07/08/2007|01:36] C:\Program Files\<DIR> LimeWire
[03/13/2009|01:00] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[07/13/2005|11:48] C:\Program Files\<DIR> microsoft frontpage
[11/19/2008|05:15] C:\Program Files\<DIR> Microsoft Games
[12/20/2007|07:13] C:\Program Files\<DIR> Microsoft Picture It! PhotoPub
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Dancer LE
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[08/08/2005|05:46] C:\Program Files\<DIR> Microsoft Visual Studio
[07/29/2008|09:34] C:\Program Files\<DIR> Microsoft Works
[12/22/2007|09:42] C:\Program Files\<DIR> Movie Maker
[03/13/2009|09:53] C:\Program Files\<DIR> Mozilla Firefox
[07/13/2005|11:48] C:\Program Files\<DIR> MSN
[08/08/2005|05:33] C:\Program Files\<DIR> MSN Encarta Standard
[07/13/2005|11:48] C:\Program Files\<DIR> MSN Gaming Zone
[12/22/2007|09:42] C:\Program Files\<DIR> NetMeeting
[11/13/2005|05:09] C:\Program Files\<DIR> Netscape
[09/27/2008|06:09] C:\Program Files\<DIR> Outlook Express
[08/08/2005|06:08] C:\Program Files\<DIR> PC-Doctor 5 for Windows
[08/08/2005|06:01] C:\Program Files\<DIR> PC-Doctor for DOS
[06/29/2007|09:07] C:\Program Files\<DIR> Qualcomm
[10/02/2008|04:49] C:\Program Files\<DIR> Quicken
[08/08/2005|05:49] C:\Program Files\<DIR> QuickTime
[08/08/2005|05:34] C:\Program Files\<DIR> Real
[09/22/2008|10:49] C:\Program Files\<DIR> Sonic
[01/29/2009|05:10] C:\Program Files\<DIR> Spybot - Search & Destroy
[03/09/2009|05:12] C:\Program Files\<DIR> Trend Micro
[06/13/2008|01:52] C:\Program Files\<DIR> UIU
[10/02/2008|04:50] C:\Program Files\<DIR> Windows Media Player
[12/22/2007|09:42] C:\Program Files\<DIR> Windows NT
[09/22/2006|08:52] C:\Program Files\<DIR> WMV9_VCM
[07/13/2005|11:49] C:\Program Files\<DIR> xerox
--------------------\\ Listing Folders in C:\Program Files\Common Files
[08/08/2005|05:42] C:\Program Files\Common Files\<DIR> Adobe
[08/02/2008|01:13] C:\Program Files\Common Files\<DIR> AOL
[08/08/2005|05:48] C:\Program Files\Common Files\<DIR> InstallShield
[08/08/2005|05:19] C:\Program Files\Common Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\Common Files\<DIR> Kodak
[07/29/2008|09:35] C:\Program Files\Common Files\<DIR> Microsoft Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> MSSoap
[11/13/2005|02:57] C:\Program Files\Common Files\<DIR> Nullsoft
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> Real
[10/19/2008|04:12] C:\Program Files\Common Files\<DIR> Services
[08/08/2005|05:35] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> SpeechEngines
[07/29/2008|09:34] C:\Program Files\Common Files\<DIR> System
[06/16/2007|05:09] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> xing shared
--------------------\\ Process
( 27 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
No Lop folder found !
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-14 00:12:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
No other infections found !
[F:3][D:2]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Fri 03/13/2009|23:53 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Sat 03/14/2009| 0:13 - Option : [2]
--------------------\\ Scan completed at 0:13:35
the kasper link didn't work for me. here's something I know you will like to see (maybe I can get it from majorgeeks?)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Sempron™ Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Compaq_Owner ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090312-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:61 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( Sat 03/14/2009| 0:10 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX
-
[ Hosts file ] .. Restored!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Deleted! - C:\Program Files\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing folders in APPLIC~1
[08/08/2005|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/13/2005|04:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/13/2005|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
[10/30/2006|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[08/08/2005|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[08/04/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Insight Software Solutions
[08/08/2005|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/08/2005|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[07/28/2006|08:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[06/16/2007|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[07/30/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/13/2005|02:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[08/08/2005|05:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/08/2005|05:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/13/2009|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/13/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/14/2006|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[11/13/2005|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[07/29/2008|09:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Adobe
[08/08/2005|05:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Apple Computer
[10/05/2008|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> DivX
[01/09/2008|10:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> HPQ
[07/13/2005|11:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Identities
[10/01/2008|04:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> InterVideo
[08/08/2005|05:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Intuit
[06/13/2008|04:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Macromedia
[07/30/2008|12:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Malwarebytes
[07/29/2008|09:28] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Microsoft
[03/12/2009|08:57] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Mozilla
[10/02/2008|02:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> SampleView
[06/12/2008|09:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Sun
[08/08/2005|06:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Symantec
[12/22/2007|10:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\<DIR> Thunderbird
[08/08/2005|05:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Apple Computer
[07/13/2005|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/08/2005|05:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intuit
[08/08/2005|06:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Real
[08/08/2005|05:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[08/08/2005|06:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec
[08/08/2005|05:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[08/08/2005|05:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[03/13/2009 12:21 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[10/31/2006|12:21] C:\Program Files\<DIR> 56HP92-SL Driver
[08/08/2005|05:42] C:\Program Files\<DIR> Adobe
[09/04/2006|06:04] C:\Program Files\<DIR> Alwil Software
[12/22/2007|07:47] C:\Program Files\<DIR> backups
[09/22/2006|08:53] C:\Program Files\<DIR> BestOn
[03/05/2009|06:41] C:\Program Files\<DIR> CCleaner
[03/12/2009|01:05] C:\Program Files\<DIR> Common Files
[08/08/2005|05:30] C:\Program Files\<DIR> CONEXANT
[07/31/2008|06:04] C:\Program Files\<DIR> Easy Internet signup
[03/13/2009|09:56] C:\Program Files\<DIR> Full Tilt Poker.Net
[10/06/2008|06:48] C:\Program Files\<DIR> Google
[09/27/2008|06:09] C:\Program Files\<DIR> Hewlett-Packard
[03/13/2009|06:21] C:\Program Files\<DIR> InstallShield Installation Information
[07/30/2008|05:43] C:\Program Files\<DIR> Internet Explorer
[08/08/2005|05:41] C:\Program Files\<DIR> InterVideo
[08/08/2005|05:48] C:\Program Files\<DIR> iPod
[08/08/2005|05:48] C:\Program Files\<DIR> iTunes
[06/13/2008|05:00] C:\Program Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\<DIR> Kodak
[06/16/2007|05:11] C:\Program Files\<DIR> Lavasoft
[07/08/2007|01:36] C:\Program Files\<DIR> LimeWire
[03/13/2009|01:00] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[07/13/2005|11:48] C:\Program Files\<DIR> microsoft frontpage
[11/19/2008|05:15] C:\Program Files\<DIR> Microsoft Games
[12/20/2007|07:13] C:\Program Files\<DIR> Microsoft Picture It! PhotoPub
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Dancer LE
[08/08/2005|05:43] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[08/08/2005|05:46] C:\Program Files\<DIR> Microsoft Visual Studio
[07/29/2008|09:34] C:\Program Files\<DIR> Microsoft Works
[12/22/2007|09:42] C:\Program Files\<DIR> Movie Maker
[03/13/2009|09:53] C:\Program Files\<DIR> Mozilla Firefox
[07/13/2005|11:48] C:\Program Files\<DIR> MSN
[08/08/2005|05:33] C:\Program Files\<DIR> MSN Encarta Standard
[07/13/2005|11:48] C:\Program Files\<DIR> MSN Gaming Zone
[12/22/2007|09:42] C:\Program Files\<DIR> NetMeeting
[11/13/2005|05:09] C:\Program Files\<DIR> Netscape
[09/27/2008|06:09] C:\Program Files\<DIR> Outlook Express
[08/08/2005|06:08] C:\Program Files\<DIR> PC-Doctor 5 for Windows
[08/08/2005|06:01] C:\Program Files\<DIR> PC-Doctor for DOS
[06/29/2007|09:07] C:\Program Files\<DIR> Qualcomm
[10/02/2008|04:49] C:\Program Files\<DIR> Quicken
[08/08/2005|05:49] C:\Program Files\<DIR> QuickTime
[08/08/2005|05:34] C:\Program Files\<DIR> Real
[09/22/2008|10:49] C:\Program Files\<DIR> Sonic
[01/29/2009|05:10] C:\Program Files\<DIR> Spybot - Search & Destroy
[03/09/2009|05:12] C:\Program Files\<DIR> Trend Micro
[06/13/2008|01:52] C:\Program Files\<DIR> UIU
[10/02/2008|04:50] C:\Program Files\<DIR> Windows Media Player
[12/22/2007|09:42] C:\Program Files\<DIR> Windows NT
[09/22/2006|08:52] C:\Program Files\<DIR> WMV9_VCM
[07/13/2005|11:49] C:\Program Files\<DIR> xerox
--------------------\\ Listing Folders in C:\Program Files\Common Files
[08/08/2005|05:42] C:\Program Files\Common Files\<DIR> Adobe
[08/02/2008|01:13] C:\Program Files\Common Files\<DIR> AOL
[08/08/2005|05:48] C:\Program Files\Common Files\<DIR> InstallShield
[08/08/2005|05:19] C:\Program Files\Common Files\<DIR> Java
[07/28/2006|08:32] C:\Program Files\Common Files\<DIR> Kodak
[07/29/2008|09:35] C:\Program Files\Common Files\<DIR> Microsoft Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> MSSoap
[11/13/2005|02:57] C:\Program Files\Common Files\<DIR> Nullsoft
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> Real
[10/19/2008|04:12] C:\Program Files\Common Files\<DIR> Services
[08/08/2005|05:35] C:\Program Files\Common Files\<DIR> Sonic Shared
[07/13/2005|11:48] C:\Program Files\Common Files\<DIR> SpeechEngines
[07/29/2008|09:34] C:\Program Files\Common Files\<DIR> System
[06/16/2007|05:09] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[08/08/2005|05:34] C:\Program Files\Common Files\<DIR> xing shared
--------------------\\ Process
( 27 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
No Lop folder found !
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-14 00:12:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
No other infections found !
[F:3][D:2]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Fri 03/13/2009|23:53 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Sat 03/14/2009| 0:13 - Option : [2]
--------------------\\ Scan completed at 0:13:35
Best
Wishes,
Wishes,
Neo
#29
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 13 March 2009 - 11:22 PM
newbe17,
Kaspersky is an online scanner so you can't just download it. If it won't work, then we'll use a different one.
I need you to run the following scan: Eset Online Scanner
Kaspersky is an online scanner so you can't just download it. If it won't work, then we'll use a different one.
I need you to run the following scan: Eset Online Scanner
- Place a check mark in the box YES, I accept the Terms Of Use
- Click the Start button.
- Now click the Install button.
- Click Start. The scanner engine will initialize and update.
- Do Not place a check mark in the box beside Remove found threats.
- Click the Scan button. The scan will now run, please be patient.
- When the scan finishes click the Details tab.
- Copy and paste the contents of the C:\ProgramFiles\EsetOnlineScanner\log.txt into your next reply.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#30
Neo
-
- Guests
-
- 374 posts
Silver Member
Posted 13 March 2009 - 11:26 PM
Tomk,
the Eset Online Scanner link didn't work either.... Does it work for you? Is it my computer, or just a bad link?
newbe17
Best
Wishes,
Wishes,
Neo
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
