greenalfonzo
2008-06-26, 03:40
Hello,
Yesterday I found I had an "You are infected!" warning box start appearing at startup and shutdown for a few seconds. I have XP and run ZASS. After doing various scans and finding nothing, I was recommended to this product. After running, I now have the same warning permamently on my desktop and also receive "do you want to get rid of junkmail" pop-ups.
I feared I must have done something wrong during the process - here is my registry changes log below. Also, virtumonde and SpySheriff were detected and "fixed" by spybot, though the problem is worse than before.
Thank you for your assistance and direction.
6/25/2008 4:53:12 PM Allowed (based on user decision) value "SpybotDeletingB4555" (new data: "command /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup user entry!
6/25/2008 4:53:42 PM Allowed (based on user decision) value "SpybotDeletingD5252" (new data: "cmd /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup user entry!
6/25/2008 4:53:44 PM Allowed (based on user decision) value "SpybotDeletingA8821" (new data: "command /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup global entry!
6/25/2008 4:53:45 PM Allowed (based on user decision) value "SpybotDeletingC5682" (new data: "cmd /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup global entry!
6/25/2008 4:53:45 PM Allowed (based on authenticode whitelist) value "SpybotSnD" (new data: ""C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck") added in System Startup global entry!
6/25/2008 4:53:46 PM Allowed (based on user decision) value "{E9BD0828-1FD9-410C-A50F-43EBE65D310F}" (new data: "") deleted in Browser Helper Object!
6/25/2008 4:53:47 PM Allowed (based on user decision) value "xxyxyyx" (new data: "") deleted in Winlogon Notifiers!
6/25/2008 5:54:38 PM Denied (based on user decision) value "SpybotDeletingB4555" (new data: "") deleted in System Startup user entry!
6/25/2008 5:54:41 PM Denied (based on user decision) value "SpybotDeletingD5252" (new data: "") deleted in System Startup user entry!
6/25/2008 5:54:42 PM Denied (based on user decision) value "SpybotDeletingA8821" (new data: "") deleted in System Startup global entry!
6/25/2008 5:54:42 PM Denied (based on user decision) value "SpybotDeletingC5682" (new data: "") deleted in System Startup global entry!
6/25/2008 5:54:49 PM Allowed (based on user decision) value "SpybotSnD" (new data: "") deleted in System Startup global entry!
Yesterday I found I had an "You are infected!" warning box start appearing at startup and shutdown for a few seconds. I have XP and run ZASS. After doing various scans and finding nothing, I was recommended to this product. After running, I now have the same warning permamently on my desktop and also receive "do you want to get rid of junkmail" pop-ups.
I feared I must have done something wrong during the process - here is my registry changes log below. Also, virtumonde and SpySheriff were detected and "fixed" by spybot, though the problem is worse than before.
Thank you for your assistance and direction.
6/25/2008 4:53:12 PM Allowed (based on user decision) value "SpybotDeletingB4555" (new data: "command /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup user entry!
6/25/2008 4:53:42 PM Allowed (based on user decision) value "SpybotDeletingD5252" (new data: "cmd /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup user entry!
6/25/2008 4:53:44 PM Allowed (based on user decision) value "SpybotDeletingA8821" (new data: "command /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup global entry!
6/25/2008 4:53:45 PM Allowed (based on user decision) value "SpybotDeletingC5682" (new data: "cmd /c del "C:\WINDOWS\wt\webdriver.dll"") added in System Startup global entry!
6/25/2008 4:53:45 PM Allowed (based on authenticode whitelist) value "SpybotSnD" (new data: ""C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck") added in System Startup global entry!
6/25/2008 4:53:46 PM Allowed (based on user decision) value "{E9BD0828-1FD9-410C-A50F-43EBE65D310F}" (new data: "") deleted in Browser Helper Object!
6/25/2008 4:53:47 PM Allowed (based on user decision) value "xxyxyyx" (new data: "") deleted in Winlogon Notifiers!
6/25/2008 5:54:38 PM Denied (based on user decision) value "SpybotDeletingB4555" (new data: "") deleted in System Startup user entry!
6/25/2008 5:54:41 PM Denied (based on user decision) value "SpybotDeletingD5252" (new data: "") deleted in System Startup user entry!
6/25/2008 5:54:42 PM Denied (based on user decision) value "SpybotDeletingA8821" (new data: "") deleted in System Startup global entry!
6/25/2008 5:54:42 PM Denied (based on user decision) value "SpybotDeletingC5682" (new data: "") deleted in System Startup global entry!
6/25/2008 5:54:49 PM Allowed (based on user decision) value "SpybotSnD" (new data: "") deleted in System Startup global entry!