
View Full Version : Help plz!



es563
2008-07-31, 18:12
OK, recently I downloaded something I should not have. I saved it to a folder called ventrilo and I scanned it, and it said it was an infected file, so I went back to delete the download and it wasn't there (it was a rar file; I didn't extract the file), so I deleted everything to do with the folder ventrillo. I scanned with McAfee and it said Items detected: 1, Items quarantined: 1, so I guess it quarantined it, but I heard it might still be on there, so I used a free Norton scan and I came up with a bunch of stuff. One of the details said:

Infection:
c:\my backup -- 07-09-06 0256pm\documents and settings\edith scott\local settings\temporary internet files\content.ie5\xvtkc006\index[4].htm
Browser Cache

-------------------

Infection:
c:\my backup -- 07-08-06 0629pm\documents and settings\family\shared\track 9.wma
Registry:
HKEY_USERS\S-1-5-19\SOFTWARE\zango
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-500\SOFTWARE\zango
HKEY_USERS\S-1-5-20\SOFTWARE\zango
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1007\SOFTWARE\zango
HKEY_USERS\.DEFAULT\SOFTWARE\zango
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1008\SOFTWARE\zango
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949}
System:
Browser Cache

--------------

Infection:
c:\my backup -- 07-08-06 0629pm\documents and settings\family\local settings\temp\winantispyware2007setup.exe
Browser Cache


------------

Infection:
c:\my backup -- 07-08-06 0629pm\documents and settings\family\local settings\temp\ni.uwas7_0001_n91m2703\setup.exe
Service:
tdird.sys
df_kmd
dfd
df_u42
FOPN
d_kmd
vspf
vspf_hk
vspf5
vspf_hk5
FWsvc
vxd
WSFS
File:
c:\documents and settings\family\local settings\temp\~df101.tmp
c:\documents and settings\family\local settings\temp\~df1447.tmp
c:\documents and settings\family\local settings\temp\~df1536.tmp
c:\documents and settings\family\local settings\temp\~df1717.tmp
c:\documents and settings\family\local settings\temp\~df174e.tmp
c:\documents and settings\family\local settings\temp\~df179e.tmp
c:\documents and settings\family\local settings\temp\~df17ac.tmp
c:\documents and settings\family\local settings\temp\~df199d.tmp
c:\documents and settings\family\local settings\temp\~df1a2a.tmp
c:\documents and settings\family\local settings\temp\~df1c96.tmp
c:\documents and settings\family\local settings\temp\~df207b.tmp
c:\documents and settings\family\local settings\temp\~df20a3.tmp
c:\documents and settings\family\local settings\temp\~df2130.tmp
c:\documents and settings\family\local settings\temp\~df2264.tmp
c:\documents and settings\family\local settings\temp\~df226e.tmp
c:\documents and settings\family\local settings\temp\~df29f9.tmp
c:\documents and settings\family\local settings\temp\~df2e69.tmp
c:\documents and settings\family\local settings\temp\~df2ea1.tmp
c:\documents and settings\family\local settings\temp\~df2ef.tmp
c:\documents and settings\family\local settings\temp\~df2f6e.tmp
c:\documents and settings\family\local settings\temp\~df304.tmp
c:\documents and settings\family\local settings\temp\~df333d.tmp
c:\documents and settings\family\local settings\temp\~df3361.tmp
c:\documents and settings\family\local settings\temp\~df33d.tmp
c:\documents and settings\family\local settings\temp\~df37c6.tmp
c:\documents and settings\family\local settings\temp\~df39d6.tmp
c:\documents and settings\family\local settings\temp\~df3cfb.tmp
c:\documents and settings\family\local settings\temp\~df3d64.tmp
c:\documents and settings\family\local settings\temp\~df400.tmp
c:\documents and settings\family\local settings\temp\~df42b5.tmp
c:\documents and settings\family\local settings\temp\~df4800.tmp
c:\documents and settings\family\local settings\temp\~df494b.tmp
c:\documents and settings\family\local settings\temp\~df49b2.tmp
c:\documents and settings\family\local settings\temp\~df4a62.tmp
c:\documents and settings\family\local settings\temp\~df4b21.tmp
c:\documents and settings\family\local settings\temp\~df4e83.tmp
c:\documents and settings\family\local settings\temp\~df5181.tmp
c:\documents and settings\family\local settings\temp\~df52f0.tmp
c:\documents and settings\family\local settings\temp\~df57a4.tmp
c:\documents and settings\family\local settings\temp\~df68c6.tmp
c:\documents and settings\family\local settings\temp\~df6cef.tmp
c:\documents and settings\family\local settings\temp\~df6d83.tmp
c:\documents and settings\family\local settings\temp\~df6dc1.tmp
c:\documents and settings\family\local settings\temp\~df714.tmp
c:\documents and settings\family\local settings\temp\~df740d.tmp
c:\documents and settings\family\local settings\temp\~df7563.tmp
c:\documents and settings\family\local settings\temp\~df7954.tmp
c:\documents and settings\family\local settings\temp\~df7c9b.tmp
c:\documents and settings\family\local settings\temp\~df7ed1.tmp
c:\documents and settings\family\local settings\temp\~df80cb.tmp
c:\documents and settings\family\local settings\temp\~df844e.tmp
c:\documents and settings\family\local settings\temp\~df8635.tmp
c:\documents and settings\family\local settings\temp\~df8a97.tmp
c:\documents and settings\family\local settings\temp\~df937d.tmp
c:\documents and settings\family\local settings\temp\~df956d.tmp
c:\documents and settings\family\local settings\temp\~df97d5.tmp
c:\documents and settings\family\local settings\temp\~df99d7.tmp
c:\documents and settings\family\local settings\temp\~df9aba.tmp
c:\documents and settings\family\local settings\temp\~df9bb7.tmp
c:\documents and settings\family\local settings\temp\~dfa089.tmp
c:\documents and settings\family\local settings\temp\~dfa2f0.tmp
c:\documents and settings\family\local settings\temp\~dfa64a.tmp
c:\documents and settings\family\local settings\temp\~dfa77.tmp
c:\documents and settings\family\local settings\temp\~dfa84f.tmp
c:\documents and settings\family\local settings\temp\~dfa86.tmp
c:\documents and settings\family\local settings\temp\~dfa8c.tmp
c:\documents and settings\family\local settings\temp\~dfab68.tmp
c:\documents and settings\family\local settings\temp\~dfb237.tmp
c:\documents and settings\family\local settings\temp\~dfb419.tmp
c:\documents and settings\family\local settings\temp\~dfb5.tmp
c:\documents and settings\family\local settings\temp\~dfb9bb.tmp
c:\documents and settings\family\local settings\temp\~dfba5.tmp
c:\documents and settings\family\local settings\temp\~dfbeb0.tmp
c:\documents and settings\family\local settings\temp\~dfc067.tmp
c:\documents and settings\family\local settings\temp\~dfc662.tmp
c:\documents and settings\family\local settings\temp\~dfc770.tmp
c:\documents and settings\family\local settings\temp\~dfcd6e.tmp
c:\documents and settings\family\local settings\temp\~dfd122.tmp
c:\documents and settings\family\local settings\temp\~dfd28f.tmp
c:\documents and settings\family\local settings\temp\~dfd940.tmp
c:\documents and settings\family\local settings\temp\~dfda09.tmp
c:\documents and settings\family\local settings\temp\~dfdbfa.tmp
c:\documents and settings\family\local settings\temp\~dfdc85.tmp
c:\documents and settings\family\local settings\temp\~dfdd5c.tmp
c:\documents and settings\family\local settings\temp\~dfdd6a.tmp
c:\documents and settings\family\local settings\temp\~dfddb9.tmp
c:\documents and settings\family\local settings\temp\~dfe118.tmp
c:\documents and settings\family\local settings\temp\~dfe30f.tmp
c:\documents and settings\family\local settings\temp\~dfe443.tmp
c:\documents and settings\family\local settings\temp\~dfe451.tmp
c:\documents and settings\family\local settings\temp\~dfe5b1.tmp
c:\documents and settings\family\local settings\temp\~dfe696.tmp
c:\documents and settings\family\local settings\temp\~dfe7be.tmp
c:\documents and settings\family\local settings\temp\~dfe882.tmp
c:\documents and settings\family\local settings\temp\~dfe94f.tmp
c:\documents and settings\family\local settings\temp\~dfef98.tmp
c:\documents and settings\family\local settings\temp\~dff37.tmp
c:\documents and settings\family\local settings\temp\~dff56d.tmp
c:\documents and settings\family\local settings\temp\~dff5dc.tmp
c:\documents and settings\family\local settings\temp\~dff9eb.tmp
c:\documents and settings\family\local settings\temp\~dfff73.tmp
c:\documents and settings\family\cookies\family@mediaplex[2].txt
Registry:
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->1601:1
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->1601:1
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->1601:1
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-500\Software\Microsoft\Internet Explorer\New Windows\->PopupMgr:yes
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1007\Software\Microsoft\Internet Explorer\New Windows\->PopupMgr:yes
HKEY_USERS\S-1-5-19\Software\WinAntiVirus Pro 2006
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-500\Software\WinAntiVirus Pro 2006
HKEY_USERS\S-1-5-20\Software\WinAntiVirus Pro 2006
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1007\Software\WinAntiVirus Pro 2006
HKEY_USERS\.DEFAULT\Software\WinAntiVirus Pro 2006
HKEY_USERS\S-1-5-21-3198371896-3145706347-355656622-1008\Software\WinAntiVirus Pro 2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->FirewallDisableNotify:0
Browser Cache


------------


Cookie:
Cookie:family@server.iad.liveperson.net/
Cookie:family@media.adrevolver.com/adrevolver/
Cookie:family@server.iad.liveperson.net/hc/87263826
Cookie:family@media.adrevolver.com/
Cookie:family@dynamic.media.adrevolver.com/
Cookie:family@ads.addynamix.com/
Cookie:family@ad.yieldmanager.com/click,VaUDANxxBQA1eBAAFyoEAAIAAWQAAP8AAAAECwIAIQKMrgEAaDsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKY-h0gAAAAA,http%3A%2F%2Fus.ard.yahoo.com%2FSIG%3D14vmns63l%2FM%3D674272.12803998.13082943.11209823%2FD%3Dmail%2FS%3D150550010%3AMON%2FY%3DYAHOO%2FEXP%3D1216830150%2FL%3Dqt7US9j8b5J8xrD8SH6PdACzS3XxmkiHPqYAALOC%2FB%3DumQgENgnMuc-%2FJ%3D1216822950055833%2FA%3D5404712%2FR%3D0%2F%2A%24,http%3A%2F%2Fus.mg2.mail.yahoo.com%2Ffc%2Ffc%3Fl%3Dmon%2Csc1%3A%21fchandoff%2Csc2%3A%21fchandoff%2Cmnw%3A%21fchandoff%2Csw1%3A%21fchandoff%2Csw2%3A%21fchandoff%2Csw3%3A%21fchandoff%26cbk%3Dfcloaded%26f%3D150550010%26p%3Dmail_candygram%26id%3D5%26bg%3Dffffff%26tgt%3D_blank%26hs%3D2%26en%3Diso-8859-1%26em%3D%257b%2522site-attribute%2522%253a%2522conte,http://clk.atdmt.com/RUC/go/yhxxxreu0210000303ruc/direct;at.rucreu00002170;ct.1/01/
Cookie:family@ad.yieldmanager.com/
Cookie:family@statse.webtrendslive.com/
Cookie:family@adopt.specificclick.net/
Cookie:family@adopt.euroclick.com/

Any ideas what to do?
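The report pasted above is a flat text dump where each block starts with "Infection:", lists the detected object, and then groups related items under "Registry:", "Service:", "File:" or "Cookie:" headers, with dashed lines separating blocks. For triage it helps to turn that into structured records so you can see at a glance how many findings are loose temp files versus settings changes. The following parser is an added example written for this thread, not code from the forum, from Norton, or from any of the posters; the sample report embedded in it is a constructed, shortened imitation of the pasted format (paths, service names and cookie hosts are made up placeholders), and the two "policy" key markers it flags are simply the Security Center and Internet Settings\Zones paths that appear in the pasted log.

```python
"""Parse a Norton-style scan report (the layout pasted in the thread above)
into structured records so findings can be counted and triaged by category.
Added example; not the forum's, Norton's, or any poster's own tooling."""
import re
from collections import Counter

# Constructed sample in the same layout as the pasted report (shortened,
# with placeholder paths, service names and cookie hosts).
SAMPLE_REPORT = """\
Infection:
c:\\my backup\\documents and settings\\family\\local settings\\temp\\example-setup.exe
Browser Cache

-------------

Infection:
c:\\my backup\\documents and settings\\family\\local settings\\temp\\other\\setup.exe
Service:
example_svc
example_drv
File:
c:\\documents and settings\\family\\local settings\\temp\\~df0001.tmp
c:\\documents and settings\\family\\local settings\\temp\\~df0002.tmp
Registry:
HKEY_USERS\\S-1-5-21-0-0-0-1007\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\->1601:1
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\->AntiVirusDisableNotify:0
HKEY_USERS\\S-1-5-19\\SOFTWARE\\example-adware
Browser Cache

------------

Cookie:
Cookie:family@ads.example-tracker.invalid/
Cookie:family@media.example-tracker.invalid/
"""

# Section header line -> record key it fills.
SECTION_HEADERS = {
    "Registry:": "registry",
    "Service:": "services",
    "File:": "files",
    "System:": "system",
    "Cookie:": "cookies",
}


def parse_scan_report(text):
    """Split the report on dashed separator lines and group each block's
    lines under the header that precedes them. Lines directly after
    "Infection:" are the detected object's path(s)."""
    records = []
    for block in re.split(r"^-{3,}\s*$", text, flags=re.M):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if not lines:
            continue
        rec = {"infection": [], "registry": [], "services": [], "files": [],
               "system": [], "cookies": [], "browser_cache": False}
        section = None
        for line in lines:
            if line == "Infection:":
                section = "infection"
            elif line in SECTION_HEADERS:
                section = SECTION_HEADERS[line]
            elif line == "Browser Cache":
                rec["browser_cache"] = True          # cache hit, no path listed
            elif line.startswith("Cookie:"):
                rec["cookies"].append(line[len("Cookie:"):])
            elif section:
                rec[section].append(line)
        records.append(rec)
    return records


def summarize(records):
    """Count findings per category across all records."""
    counts = Counter()
    for rec in records:
        for key in ("infection", "registry", "services", "files", "cookies"):
            counts[key] += len(rec[key])
        counts["browser_cache"] += int(rec["browser_cache"])
    return dict(counts)


# Registry paths that change the machine's security posture rather than
# merely pointing at a dropped file; both appear in the pasted report.
POLICY_KEY_MARKERS = ("\\Security Center\\", "\\Internet Settings\\Zones\\")


def policy_registry_hits(records):
    """Return registry entries under Security Center or IE zone settings,
    which are worth re-checking by hand after any automated cleanup."""
    hits = []
    for rec in records:
        for key in rec["registry"]:
            if any(m.lower() in key.lower() for m in POLICY_KEY_MARKERS):
                hits.append(key)
    return hits


if __name__ == "__main__":
    recs = parse_scan_report(SAMPLE_REPORT)
    print(summarize(recs))
    for key in policy_registry_hits(recs):
        print("review:", key)
```

Run it on a real report by passing the pasted text to `parse_scan_report`; the counts separate the long run of `~df*.tmp` temp files (noise once deleted) from the handful of registry entries that alter notification and zone settings, which are the ones to verify are restored.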

Shaba
2008-08-02, 11:24
Hi es563

Click here (http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe) to download HJTInstall.exe
Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis.
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and paste the log in your next reply.
DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Shaba
2008-08-08, 10:25
Due to the lack of feedback this Topic is closed.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.