Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: HELP Mislead.app

  1. #11
    Junior Member
    Join Date
    May 2008
    Posts
    9

    Default

    5) Download ResetTeaTimer.bat to the Desktop
    http://downloads.subratam.org/ResetTeaTimer.bat
    Double click ResetTeaTimer.bat
    to remove all entries set by TeaTimer (and preventing TeaTimer to restore them upon reactivation).





    Double clicking on ResetTeaTimer opened a text file....
    Is there something wrong???

  2. #12
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Double clicking on ResetTeaTimer opened a text file....
    Is there something wrong???
    I am not sure until TeaTimer is enabled again. When you click the link, you should get the "you are downloading the file" box. choose to Save this file now and on the Desktop. When you Double click the
    ResetTeaTimer.bat everything happens in a second, you will not see it. If you did it correctly, those items HJT removed will not be returned by TeaTimer when you enable it.

    (second request)
    C:\Program Files\Java\jre1.6.0_05\ <<< update your Java program, see this:
    http://forums.spybot.info/showpost.p...80&postcount=2

    HJT log look clean of malware.

    Remove combofix, C:\qoobox\quarantine\ folder from the computer and
    Run this online scan using Internet Explorer:
    Kaspersky Online Scanner from
    http://www.kaspersky.com/virusscanner

    Next Click on Launch Kaspersky Online Scanner

    You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

    * The program will launch and then begin downloading the latest definition files:
    * Once the files have been downloaded click on NEXT
    * Now click on Scan Settings
    * In the scan settings make that the following are selected:
    * Scan using the following Anti-Virus database:
    * Standard
    * Scan Options:
    * Scan Archives
    * Scan Mail Bases
    * Click OK
    * Now under select a target to scan:
    * Select My Computer
    * This will program will start and scan your system.
    * The scan will take a while so be patient and let it run.
    * Once the scan is complete it will display if your system has been infected.
    * Now click on the Save as Text button:
    * Save the file to your desktop.

    Then post it here.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #13
    Junior Member
    Join Date
    May 2008
    Posts
    9

    Default

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Monday, May 12, 2008 11:48:19 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 12/05/2008
    Kaspersky Anti-Virus database records: 682847
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: standard
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\
    L:\
    M:\

    Scan Statistics:
    Total number of scanned objects: 117526
    Number of viruses found: 0
    Number of infected objects: 0
    Number of suspicious objects: 0
    Duration of the scan process: 01:18:18

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\00f3_File_Monitoring_eventlog.rpt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\00f4_Web_Monitoring_eventlog.rpt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.idx Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\detected.rpt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\eventlog.rpt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Report\report.rpt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\ssn\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\Temp\Perflib_Perfdata_164.dat Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\ssn\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\ssn\My Documents\My Music\iTunes\iTunes Library.itl Object is locked skipped
    C:\Documents and Settings\ssn\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\ssn\ntuser.dat.LOG Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{B7B58B34-DAA2-41E8-B2DC-022B228E86EB}\RP304\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\CnxDslWz.log Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
    C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
    C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped
    C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
    C:\WINDOWS\system32\Proxy.Dll Object is locked skipped
    C:\WINDOWS\system32\ProxyM.dll Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\TEMP\cch~193b6ca9655d.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~193b6cdd4756.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~5a63c402e76d.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~5a63c4335cfc.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~5a63c59b5484.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~5a63c5bd78c5.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~61253bf5cfa5.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~61253c3f3e47.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~646bde23d2bc.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~646bde6135ee.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~656a0775e852.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~656a07b1c746.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6dc6a60748fa.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6dc6a625b236.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6df0e06c44ad.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6df0e0996b07.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6fa278a92dff.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~6fa278d033e1.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~778221c7bd93.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~778221e8dbea.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~86d7e6c4266d.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~86d7e918154e.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~eb92afbb7f0.htp Object is locked skipped
    C:\WINDOWS\TEMP\cch~eb92b4da916.htp Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    H:\UTorrent\VA-Cafe Del Mar Vol 14-2CD\206-jazzy_pecada-slow_down-unit.mp3 Object is locked skipped
    H:\UTorrent\Buddha Bar IX - By Ravin (Lo-Fi)[2CD][2007]\201-va-buddha-bar_ix_-_by_ravin_(george_v_records).mp3 Object is locked skipped
    H:\UTorrent\Cafe del Mar - 25 Anniversary [1980-2005] [3CD] [Covers] [www.pctorrent.com]\Covers\Café del mar (25 Anniversary) 1980-2005_Front-www.pctorrent.com.jpg Object is locked skipped

    Scan process completed.

  4. #14
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Your online scan is clean, how is the computer running? Enable TeaTimer, if you have no issues, you should be good to go.

    Some good information for you:
    http://users.telenet.be/bluepatchy/m...wcomputer.html
    http://www.microsoft.com/windowsxp/u...s/mcgill1.mspx

    Here is some great information from experts in this field that will help you stay clean and safe online.
    http://users.telenet.be/bluepatchy/m...revention.html
    http://forums.spybot.info/showthread.php?t=279
    http://russelltexas.com/malware/allclear.htm
    http://forum.malwareremoval.com/viewtopic.php?t=14
    http://www.bleepingcomputer.com/forums/topict2520.html
    http://cybercoyote.org/security/not-admin.shtml

    http://www.malwarecomplaints.info/

    Thanks...pskelley
    Safer Networking Forums
    http://www.spybot.info/en/donate/index.html
    If you are reading this information...thank a teacher,
    If you are reading it in English...thank a soldier.
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  5. #15
    Junior Member
    Join Date
    May 2008
    Posts
    9

    Default

    Well its running better than before.....!
    THANKS ALOT!!!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •