I have a question though. I ran casper sky after I posted the last log, and at 67% it said there were 3 threats and 7 infected items. Is this expected? Also should I take AVG Free off my system, it hardly ever catches anything.
I have a question though. I ran casper sky after I posted the last log, and at 67% it said there were 3 threats and 7 infected items. Is this expected? Also should I take AVG Free off my system, it hardly ever catches anything.
Here is the Kaspersky log. Please tell me if everything is fine or if I need to take more steps to get rid of whatever the threats and stuff are. And if I just need to take the steps you just gave me.
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, June 19, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, June 19, 2008 15:17:52
Records in database: 879503
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
Scan statistics:
Files scanned: 39555
Threat name: 3
Infected objects: 7
Suspicious objects: 0
Duration of the scan: 01:11:17
File name / Threat name / Threats count
C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-439830c0 Infected: Exploit.Java.Gimsh.b 1
C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-50c10158.zip Infected: Exploit.Java.Gimsh.b 1
C:\QooBox\Quarantine\C\WINDOWS\system32\buplsan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\papdfim.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\tapdfo.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\tupdfan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a 1
The selected area was scanned.
Hi
Show hidden files
-----------------
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Delete these:
C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-439830c0
C:\Documents and Settings\Melzy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-50c10158.zip
Then we need to re-hide system files. To do so, please follow the steps below:
- Double-click My Computer.
- Click the Tools menu, and then click Folder Options.
- Click the View tab.
- Put a check by
Hide file extensions for known file types.- Under the
Hidden files
folder, select
Show hidden files and folders.
- Check
Hide protected operating system files.- Click Apply, and then click OK.
These will be deleted when you uninstall ComboFix:
C:\QooBox\Quarantine\C\WINDOWS\system32\buplsan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\papdfim.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\tapdfo.dll.vir Infected: Trojan.Win32.BHO.ebx 1
C:\QooBox\Quarantine\C\WINDOWS\system32\tupdfan.dll.vir Infected: Trojan.Win32.BHO.ebx 1
This is ok:
C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a 1
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
thanks so much. Everything is fixed.
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than five days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.