Can't Get Rid Of inicfg32.dll



fatcat
2006-07-22, 20:11
Hello, I'm battling some spyware and just can't get rid of it.
I've tried safe mode and can't remove it from there.
inicfg32.dll is there no matter what.
Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 1:09:17 PM, on 7/22/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\spyware\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,tuumrty.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin 802.11g Wireless Card Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O20 - AppInit_DLLs: inicfg32.dll
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

tashi
2006-07-22, 20:19
Hello.

Please follow the instructions in this sticky topic to run Spybot-S&D in safe mode (if you have not already) and the on-line anti virus scan.
BEFORE you post and who will advise you. Preliminary Steps (http://forums.spybot.info/showthread.php?t=288)

FYI:
You and Windows, a joint effort (http://forums.spybot.info/showpost.php?p=25290&postcount=4)

Regards. :)

fatcat
2006-07-22, 20:25
OK, no problem, let me run the scans.

fatcat
2006-07-22, 23:40
Here are new reports from HijackThis and the online scanner.

Logfile of HijackThis v1.99.1
Scan saved at 4:38:06 PM, on 7/22/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\spyware\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,tuumrty.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin 802.11g Wireless Card Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)




Online Scanner:

LonnyRJones
2006-07-28, 02:38
Sorry for the delay

If you're still having problems and are not receiving help elsewhere, post back with a fresh HijackThis log.

tashi
2006-08-02, 18:05
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a pm and provide a link to the thread.

Applies only to the original topic starter.

RE:
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

You and Windows, a joint effort (http://forums.spybot.info/showpost.php?p=25290&postcount=4)