Hello, I was being helped with win32.downloader.gen and hard drive maintenance. The scans on the maintenance took awhile and the thread locked. The original topic is here:

http://forums.spybot.info/showthread.php?t=68112

I just finished the last steps: CHKDSK scans completed. TFC program installed and ran. DEFRAG C: -F ran at cmd prompt. CHKDSK C: /R was ran.

ESET I ran into differences with the guide. I ran esetsmartinstaller_enu.exe because I'm on Google Chrome. I was not prompted the allow the Add-On/Active X option. The scans ran and I'll post the log.txt in this reply.

The computer is running fine, some of the scans seemed to take a long time:one was 9-12 hours (and I had to run it again because someone started to use the computer). The only problems found were on the ESET program which said it found 4 infected files. I didn't see anything about cleaning those, I copied the log.txt and clicked FINISH per the instructions.

The anti-virus restarted on its own.

Thank you for taking the time to help me through all these plus the malware removal! :D:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=82730517bb03224da6493419a588505e
# engine=13601
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-04-12 01:22:00
# local_time=2013-04-11 08:22:00 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1032 16777213 100 95 0 108785864 0 0
# scanned=141150
# found=4
# cleaned=0
# scan_time=24153
sh=DB7443E84D223B0924EFFE7FDA41D419A152B76F ft=1 fh=df82bdeae5a92cc4 vn="a variant of Win32/Toolbar.Babylon.A application" ac=I fn="C:\Documents and Settings\All Users\VisualBee\VisualBeeSoftware.exe"
sh=F953E4A8012ABD26B0A92DB958D02EF61ACF3770 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Documents and Settings\Mark\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\358c8c9-2fdf90a6"
sh=05D1E70C9C2B0447417FA8CC63AD7FCF2F3EDA30 ft=1 fh=aec2be4bbeb7b829 vn="a variant of Win32/Toolbar.Babylon.A application" ac=I fn="C:\Documents and Settings\Mark\Local Settings\Application Data\VisualBeeExe\MyBabylonTB.exe"
sh=E5515986D8BCE10A2E6183FCAADDD88E0A18CA7A ft=1 fh=ed7dd496aaa50cda vn="Win32/Toolbar.SearchSuite application" ac=I fn="C:\Documents and Settings\Mark\My Documents\Downloads\iLividSetup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=82730517bb03224da6493419a588505e
# engine=13601
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-04-12 09:15:04
# local_time=2013-04-12 04:15:04 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1032 16777213 100 95 0 108814248 0 0
# scanned=141292
# found=4
# cleaned=0
# scan_time=22138
sh=DB7443E84D223B0924EFFE7FDA41D419A152B76F ft=1 fh=df82bdeae5a92cc4 vn="a variant of Win32/Toolbar.Babylon.A application" ac=I fn="C:\Documents and Settings\All Users\VisualBee\VisualBeeSoftware.exe"
sh=F953E4A8012ABD26B0A92DB958D02EF61ACF3770 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Documents and Settings\Mark\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\358c8c9-2fdf90a6"
sh=05D1E70C9C2B0447417FA8CC63AD7FCF2F3EDA30 ft=1 fh=aec2be4bbeb7b829 vn="a variant of Win32/Toolbar.Babylon.A application" ac=I fn="C:\Documents and Settings\Mark\Local Settings\Application Data\VisualBeeExe\MyBabylonTB.exe"
sh=E5515986D8BCE10A2E6183FCAADDD88E0A18CA7A ft=1 fh=ed7dd496aaa50cda vn="Win32/Toolbar.SearchSuite application" ac=I fn="C:\Documents and Settings\Mark\My Documents\Downloads\iLividSetup.exe"

Hello Atmashine,

Please PM Dakeyras and ask if he can re-open your original thread, otherwise you would need to start from the beginning. :lip:


If it has been less than three days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.


http://forums.spybot.info/showthread.php?t=68112&page=2

Best regards.