Spybot and Kaspersky both find nothing, and Ad-Aware only finds the System Restore backups.
So, it looks like no problems. :)
Thanks,
Ura-Maru
Type: Posts; User: Ura-Maru; Keyword(s):
Spybot and Kaspersky both find nothing, and Ad-Aware only finds the System Restore backups.
So, it looks like no problems. :)
Thanks,
Ura-Maru
Looks like that took care of it. Toolbar.Languagebar is gone now.
Thanks,
Ura-Maru
C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE
c:\program files\cyberlink\powerdvd\dvdlauncher.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
...
It's here:
Family Id: 1459 Name: Toolbar.LanguageBar Category: Trackware TAI:3
Item Id: 300040610 Value: Root: HKU Path:...
Spybot and Kaspersey both gave me a clean bill of health.
Ad-Aware found a big scary list of things:
Toolbar.LanguageBar
Win32.Trojan.BHO
PurityScan
Win32.TrojanDownloader.Homles...
Kaspersky log:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, June 29, 2008
Operating System: Microsoft Windows XP...
Spybot said it needed a scan after reboot to get rid of Zango, but the post-reboot scan didn't seem to find it again. Don't know if that's important or not.
HJT log:
Logfile of Trend Micro...
And just for the heck of it, a new Spybot log:
--- Search result list ---
Zango.ShoppingReport: [SBI $64DB0114] Settings (Registry value, nothing done)
...
New HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:19:31 PM, on 6/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot...
Now the more reasonably sized ones.
New, post-DeQuarintine ComboFix log:
ComboFix 08-06-20.4 - Edwina 2008-06-26 16:16:21.5 - NTFSx86
Microsoft Windows XP Professional ...
C:\Qoobox\Quarantine\C\Program Files\new antispyware\Spybot - Search & Destroy 1-5\aports.dll -> C:\Program Files\new antispyware\Spybot - Search & Destroy 1-5\aports.dll...
Ok, that seemed to do it. Once again, the log is too big, though.
Combofix DeQuarantine log, part 1:
C:\Qoobox\Quarantine\C\Program Files\new antispyware\Ad Aware 2008\AAWLic.exe -> C:\Program...
Done. or I think so, anyway. The folder didn't come back. Did I do something wrong?
ComboFix log:
ComboFix 08-06-20.4 - Edwina 2008-06-25 15:29:27.4 - NTFSx86
Microsoft Windows XP...
Hope this dosen't mess anything up . . .
ComboFix log, second half:
((((((((((((((((((((((((((((( snapshot_2008-06-23_18.05.18.82 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-23...
It's still too long.
ComboFix log, first half:
ComboFix 08-06-20.4 - Edwina 2008-06-25 14:27:55.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.139 [GMT -4:00]...
Vast improvement! No pop-ups, and running at what seems to be normal speed on reboot.
I've taken the liberty of hiding a few vital cables, so no one should be able to mess with it until you've...
I wasn't sure if the last part of the page was part of the results or not. If so, here it is. If not, I guess it can be ignored.
Start of Possible Scanner Results:
Statistics
...
Hopefully this is readable enough . . .
Start of scanner results:
File: pmai.dll
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will...
Sorry about that.
Normal Mode HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:52:10 PM, on 6/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer...
The zip's sent off. I have no idea what it is or where it came from. The dates imply it's just a few days old, and no one should have been using the computer since then for anything. (except...
Ok, I've sent it in.
Thanks,
Ura-Maru
I've got a real mess here. Virtumonde, a whole alphabet of Smitfrauds and CoolWWWSearches, Clientman, DeepDive, ZenoSearch, Win32.Small.ny, and probably a few others as well.
Taskmanager's been...