PDA

View Full Version : Exploit Maiden4U.biz + Beehappw.biz?



doogster
2005-12-17, 15:51
I've had Bazooka give me false positive tests before - can you tell if I have either of these? Any help would be great.

doogster
2005-12-17, 15:52
Here is my spybot file.

LonnyRJones
2005-12-18, 20:40
Hi doogster

Post or attach a hijackthis log in txt format please

doogster
2005-12-19, 22:38
here ya go

LonnyRJones
2005-12-19, 22:55
Looks fine, is bazooka seeing a paticular file ? if so where and what name

doogster
2005-12-19, 23:02
here is the bazooka log

LonnyRJones
2005-12-19, 23:14
Hi

Check if these files exist in windows\system32
C:\WINDOWS\system32\avpe32.dll
C:\WINDOWS\system32\avpe64.sys
the e in the two above can be variable
C:\WINDOWS\system32\qz.dll
C:\WINDOWS\system32\qz.sys
C:\WINDOWS\system32\stt82.ini
C:\WINDOWS\system32\klgcptini.dat
c:\WINDOWS\system32\ps.a3d

c:\secure32.html < manualy delete

If there are active (dont think they are)a blacklite report will show them
Download and run blacklite
F-Secure Blacklight: http://www.f-secure.com/blacklight/try.shtml
click > scan then > next, next again then exit
there will be a new txt near blacklite. post it please.
Do not rename any files yet

tashi
2005-12-23, 00:57
doogster, how is it going?

tashi
2005-12-23, 19:39
Due to lack of a response this topic will be archived.
If you need it re-opened please pm me or LonnyRJones.