Page 2 of 6 FirstFirst 123456 LastLast
Results 11 to 20 of 52

Thread: I've Got Winhound

  1. #11
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,078

    Default

    Hi

    Just skip that and visit the site when instructed

  2. #12
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default Problem seems solved...but

    Believe the hijacked destop is fixed. Thanks! However...when I start up, I bet it took three minutes for the destop to load. The wheels just kept spinning. Any reason for this?
    New logs to follow.

    Thanks and let me know about the slowdown, please.

    Here's smitfiles.txt
    smitRem log file
    version 2.8

    by noahdfear


    Microsoft Windows XP [Version 5.1.2600]
    The current date is: Wed 12/14/2005
    The current time is: 21:34:26.34

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    checking for ShudderLTD key

    ShudderLTD key not present!

    checking for PSGuard.com key


    PSGuard.com key not present!

    spyaxe uninstaller NOT present
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Existing Pre-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~



    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~



    ~~~ Icons in System32 ~~~



    ~~~ Windows directory ~~~



    ~~~ Drive root ~~~


    ~~~ Miscellaneous Files/folders ~~~




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
    Copyright(C) 2002-2003
    Killing PID 636 'explorer.exe'
    Killing PID 636 'explorer.exe'

    Starting registry repairs

    Deleting files


    Remaining Post-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~



    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~



    ~~~ Icons in System32 ~~~



    ~~~ Windows directory ~~~



    ~~~ Drive root ~~~



    ~~~ Miscellaneous Files/folders ~~~




    ~~~ Wininet.dll ~~~

    CLEAN!


    ~~~ Upon reboot ~~~

    wininet.old not present!
    oleadm.dll not present!
    oleext.dll not present!


    ~~~ Upon completion ~~~

    wininet.old not present!
    oleadm.dll not present!
    oleext.dll not present!


    ~~~~ Rechecking C:\WINDOWS\system32\wininet.dll for infection ~~~~


    ~~~~ C:\WINDOWS\system32\wininet.dll Clean! ~~~~

  3. #13
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default New Hijackthis Log...1of 2

    Logfile of HijackThis v1.99.1
    Scan saved at 11:02:26 PM, on 12/14/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\ewido\security suite\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\wdfmgr.exe
    c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\support.com\bin\tgcmd.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\NetZero\exec.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Documents and Settings\Compaq_Owner\My Documents\HijackThis.exe

  4. #14
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default New Hijackthis 2 of 2

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~3\tools\iesdsg.dll
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin\core.hp.main\SendTo.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
    O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

  5. #15
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default Ewido Log

    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 10:31:03 PM, 12/14/2005
    + Report-Checksum: 3F98F605

    + Scan result:

    HKU\S-1-5-21-3055202376-2734875014-2811016977-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{031B6D43-CBC4-46A5-8E46-CF8B407C1A33} -> Spyware.CoolWebSearch : Cleaned with backup
    HKU\S-1-5-21-3055202376-2734875014-2811016977-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36A59337-6EEF-40AE-94B1-ED443A0C4740} -> Spyware.BetterInternet : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@e-2dj6wfk4uhcpceo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@maxim.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup


    ::Report End

  6. #16
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,078

    Default

    Hi

    The slow startup will hopefully go away


    go get preferably two free onlines and post the results

    Kaspersky Lab - Free Online scan:
    http://www.kaspersky.com/virusscanner
    Click scan settings and place a check next to use [x]extended this database etc etc. Click ok.
    Then choose: my computer: scan all your hard drives and mapped disks.
    when finished click save as text and post that in your reply.
    Panda ActiveScan-Free online scanner,
    http://www.pandasoftware.com/products/activescan.htm
    Save the report and post it back here please if there are any that it is unable to deal with.

  7. #17
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default Winhound may be cured...but

    Hey, Lonnie

    Winhound appears to be gone...but I time it this AM and it took over five minutes to boot up and sign on to IE (cable modem). It's never taken this long before... What's up?
    Thanks

  8. #18
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,078

    Default

    Hi

    Not sure if this will help

    what do you mean sign i with IE ? comcast hiompage perhaps ?

    have hijackthis fix those two (file missing) items
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

    And in addremove programs uninstall comcast's extra tools, they are not needed, I use comcast myself and have uninstalled it.
    Have you reset the modem lately ?
    Turn the pc off, unplug the modem and firewall if you have one. wait 60 seconds plug the modem and firewall back in wait about two minutes and turn the pc back on

    Update suns java manualy
    Sun Java V1.5.0_06 is Available: http://java.com/en/index.jsp
    Afterwards Turn off it's auto-updater,(Its buggy) , in control panel java >
    update tab uncheck its option to update automatically.
    After you install the newer version its important to uninstall the old versions, via addremove programs.

  9. #19
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default kaspersky

    Lonny

    Here are the two kaspersky files. Have the Panda to go...but thought would go ahead and send these. Thanks!

    KASPERSKY ON-LINE SCANNER REPORT
    Thursday, December 15, 2005 21:24:53
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version: 5.0.67.0
    Kaspersky Anti-Virus database last update: 16/12/2005
    Kaspersky Anti-Virus database records: 155467
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: standard
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - Critical Areas:
    C:\WINDOWS
    C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\

    Scan Statistics:
    Total number of scanned objects: 20056
    Number of viruses found: 0
    Number of infected objects: 0
    Number of suspicious objects: 0
    Duration of the scan process: 791 sec
    No malware has been detected. The sections that have been scanned are CLEAN.

    Scan process completed.

    MY COMPUTER SCAN:

    KASPERSKY ON-LINE SCANNER REPORT
    Thursday, December 15, 2005 22:09:58
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version: 5.0.67.0
    Kaspersky Anti-Virus database last update: 16/12/2005
    Kaspersky Anti-Virus database records: 155474
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: standard
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\

    Scan Statistics:
    Total number of scanned objects: 53249
    Number of viruses found: 11
    Number of infected objects: 25
    Number of suspicious objects: 0
    Duration of the scan process: 2511 sec

    Infected Object Name - Virus Name
    C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-352f55f0-223ab046.class Infected: Trojan-Downloader.Java.OpenStream.y
    C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-40baf3a5-5c6e7951.class Infected: Trojan-Downloader.Java.OpenStream.y
    C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-486c9904-1d0eb084.class Infected: Trojan-Downloader.Java.OpenStream.y
    C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-4ee51477-5dbbfd9b.class Infected: Trojan-Downloader.Java.OpenStream.y
    C:\Program Files\Norton AntiVirus\Quarantine\498856CB.zip/Jvb.class Infected: Exploit.Java.Bytverify
    C:\Program Files\Norton AntiVirus\Quarantine\498856CB.zip/MyFunction.class Infected: Trojan-Dropper.Java.Small.c
    C:\Program Files\Norton AntiVirus\Quarantine\498856CB.zip/MainApp.class Infected: Trojan.Java.ClassLoader.f
    C:\Program Files\Norton AntiVirus\Quarantine\498856CB.zip Infected: Trojan.Java.ClassLoader.f
    C:\Program Files\Norton AntiVirus\Quarantine\50C454D6/MyFunction.class Infected: Trojan-Dropper.Java.Small.c
    C:\Program Files\Norton AntiVirus\Quarantine\50C454D6 Infected: Trojan-Dropper.Java.Small.c
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0164201C.htm Infected: Trojan-Clicker.JS.Linker.h
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\397917C3.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\397917C3.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\397917C3.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\397917C3.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\397917C3.zip Infected: Trojan-Downloader.Java.OpenConnection.v
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\678E2F19.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\678E2F19.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\678E2F19.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\678E2F19.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\678E2F19.zip Infected: Trojan-Downloader.Java.OpenConnection.v
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6CFE04BE.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6CFE04BE.zip/Counter.class Infected: Trojan.Java.ClassLoader.h
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6CFE04BE.zip/Parser.class Infected: Trojan.Java.ClassLoader.d
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6CFE04BE.zip Infected: Trojan.Java.ClassLoader.d

    Scan process completed.

  10. #20
    Member
    Join Date
    Dec 2005
    Posts
    0

    Default Panda Clean

    Lonny,
    Panda turned up nothing...but still taking forever to boot up. Have not yet fixed the files throgh Hikackthis.
    Thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •