Results 1 to 4 of 4

Thread: Hosts file and redirection

  1. #1
    Junior Member
    Join Date
    Mar 2011
    Posts
    2

    Default Hosts file and redirection

    (note that i am repairing my friend's laptop)Hi, i recently have not been able to go on google. it brings up a page telling me that my host file is infected and that it's taking over my system32 and how i need to download these spyware fighters....i went ahead and looked into the hosts file, everything was fine. I ran spybot scans and it detected quite a few things. However, it is unable to fix a few errors because it says "access is denied". I ran the scan under admin and even activated vista's hidden admin account and the same problem went on. I then tried to manually replace the host file but it didn't let me. So i deleted the host file. I then tried to place a new host file in there (thinking that im being clever since i'm not overwriting anything lol) and it says file already exists move and replace etc etc and same problem exists. This made me realise that the host file that i could c was prbly a phony. There's another host file that i can't seem to see (i have view hidden files checked but apparently this goes beyond that lol). Also the delete on next reboot didn't work. So here i am humbly asking for ur help cuz i've been at this for about 5 hours to no avail. log file is posted underneath.

    --- Search result list ---
    Fraud.CleanUpAntivirus: [SBI $3E7BA079] Settings (Registry value, fixing failed)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\URL

    Fraud.CleanUpAntivirus: [SBI $5FCE740B] Settings (Registry value, fixing failed)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\URL

    Fraud.CleanUpAntivirus: [SBI $C57A4661] Settings (Registry value, fixed)
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\URL

    Fraud.CleanUpAntivirus: [SBI $7C3FB000] Settings (Registry value, fixed)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\URL

    Fraud.CleanUpAntivirus: [SBI $5A6E39C5] Settings (Registry value, fixed)
    HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes\URL

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    4-open-davinci.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    securitysoftwarepayments.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    privatesecuredpayments.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    secure.privatesecuredpayments.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    getantivirusplusnow.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    secure-plus-payments.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    www.getantivirusplusnow.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    www.secure-plus-payments.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    www.getavplusnow.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    safebrowsing-cache.google.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    urs.microsoft.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    www.securesoftwarebill.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    secure.paysecuresystem.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    paysoftbillsolution.com=74.125.45.100

    Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
    protected.maxisoftwaremart.com=74.125.45.100

    Microsoft.Windows.RedirectedHosts: [SBI $B89FBA81] Redirected host (Redirected host, nothing done)
    www.securesoftwarebill.com=74.125.45.100

    Microsoft.Windows.RedirectedHosts: [SBI $19781685] Redirected host (Redirected host, nothing done)
    secure.paysecuresystem.com=74.125.45.100

    Microsoft.Windows.RedirectedHosts: [SBI $CEFF52BA] Redirected host (Redirected host, nothing done)
    paysoftbillsolution.com=74.125.45.100

    Win32.Delf.uv: [SBI $12FA0D13] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVP32.EXE\Debugger

    Win32.Delf.uv: [SBI $38809C6B] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPCC.EXE\Debugger

    Win32.Delf.uv: [SBI $3E5A4CF7] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPM.EXE\Debugger

    Win32.Delf.uv: [SBI $9F1BF249] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACKWIN32.EXE\Debugger

    Win32.Delf.uv: [SBI $F08450FC] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANTI-TROJAN.EXE\Debugger

    Win32.Delf.uv: [SBI $AEB50E08] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\APVXDWIN.EXE\Debugger

    Win32.Delf.uv: [SBI $14A47065] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AUTODOWN.EXE\Debugger

    Win32.Delf.uv: [SBI $E73FD4D9] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCONSOL.EXE\Debugger

    Win32.Delf.uv: [SBI $B89C0A2A] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVE32.EXE\Debugger

    Win32.Delf.uv: [SBI $3D6356BC] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGCTRL.EXE\Debugger

    Win32.Delf.uv: [SBI $0B730D22] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKSERV.EXE\Debugger

    Win32.Delf.uv: [SBI $D9214457] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVNT.EXE\Debugger

    Win32.Delf.uv: [SBI $9554BC9A] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVP32.EXE\Debugger

    Win32.Delf.uv: [SBI $BF2E2DE2] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPCC.EXE\Debugger

    Win32.Delf.uv: [SBI $BC3A58AC] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPDOS32.EXE\Debugger

    Win32.Delf.uv: [SBI $98481766] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPM.EXE\Debugger

    Win32.Delf.uv: [SBI $6A9737AB] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPTC32.EXE\Debugger

    Win32.Delf.uv: [SBI $26D8D340] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPUPD.EXE\Debugger

    Win32.Delf.uv: [SBI $FD1848F3] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSCHED32.EXE\Debugger

    Win32.Delf.uv: [SBI $50DB3580] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWIN95.EXE\Debugger

    Win32.Delf.uv: [SBI $C8F89CDB] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWUPD32.EXE\Debugger

    Win32.Delf.uv: [SBI $4D39EBEB] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKD.EXE\Debugger

    Win32.Delf.uv: [SBI $72B5A289] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKICE.EXE\Debugger

    Win32.Delf.uv: [SBI $71C0DC4A] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIADMIN.EXE\Debugger

    Win32.Delf.uv: [SBI $0F5F97D0] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIAUDIT.EXE\Debugger

    Win32.Delf.uv: [SBI $3FAB4A59] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET.EXE\Debugger

    Win32.Delf.uv: [SBI $BFF23910] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET32.EXE\Debugger

    Win32.Delf.uv: [SBI $8F954338] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95.EXE\Debugger

    Win32.Delf.uv: [SBI $641C1698] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95CF.EXE\Debugger

    Win32.Delf.uv: [SBI $37B4408C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER.EXE\Debugger

    Win32.Delf.uv: [SBI $82C70629] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER3.EXE\Debugger

    Win32.Delf.uv: [SBI $2A60827B] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95.EXE\Debugger

    Win32.Delf.uv: [SBI $A2F101E4] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95_0.EXE\Debugger

    Win32.Delf.uv: [SBI $E140A125] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ECENGINE.EXE\Debugger

    Win32.Delf.uv: [SBI $013394FB] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ESAFE.EXE\Debugger

    Win32.Delf.uv: [SBI $25AC238F] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-AGNT95.EXE\Debugger

    Win32.Delf.uv: [SBI $B5D63785] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FINDVIRU.EXE\Debugger

    Win32.Delf.uv: [SBI $0D64ACA2] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPROT.EXE\Debugger

    Win32.Delf.uv: [SBI $B093F616] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT.EXE\Debugger

    Win32.Delf.uv: [SBI $38D3A381] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT95.EXE\Debugger

    Win32.Delf.uv: [SBI $5C97280E] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FP-WIN.EXE\Debugger

    Win32.Delf.uv: [SBI $FC91172C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FRW.EXE\Debugger

    Win32.Delf.uv: [SBI $66E2E334] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-STOPW.EXE\Debugger

    Win32.Delf.uv: [SBI $757C4426] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMAPP.EXE\Debugger

    Win32.Delf.uv: [SBI $31D93FC3] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMSERV.EXE\Debugger

    Win32.Delf.uv: [SBI $B2917A4C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMASN.EXE\Debugger

    Win32.Delf.uv: [SBI $DADBF360] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMAVSP.EXE\Debugger

    Win32.Delf.uv: [SBI $94009F2F] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOAD95.EXE\Debugger

    Win32.Delf.uv: [SBI $48059D4E] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOADNT.EXE\Debugger

    Win32.Delf.uv: [SBI $7BBE2E83] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICMON.EXE\Debugger

    Win32.Delf.uv: [SBI $14347142] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPP95.EXE\Debugger

    Win32.Delf.uv: [SBI $C8317323] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPPNT.EXE\Debugger

    Win32.Delf.uv: [SBI $198E83EB] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IFACE.EXE\Debugger

    Win32.Delf.uv: [SBI $4BB15A07] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IOMON98.EXE\Debugger

    Win32.Delf.uv: [SBI $4C2D9D6C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JEDI.EXE\Debugger

    Win32.Delf.uv: [SBI $02061F38] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOCKDOWN2000.EXE\Debugger

    Win32.Delf.uv: [SBI $B09AF539] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOOKOUT.EXE\Debugger

    Win32.Delf.uv: [SBI $4C0BC294] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LUALL.EXE\Debugger

    Win32.Delf.uv: [SBI $2D003D31] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOOLIVE.EXE\Debugger

    Win32.Delf.uv: [SBI $6B299F39] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFTRAY.EXE\Debugger

    Win32.Delf.uv: [SBI $84E5018B] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\N32SCANW.EXE\Debugger

    Win32.Delf.uv: [SBI $F963F0F7] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.EXE\Debugger

    Win32.Delf.uv: [SBI $83CDDB58] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.EXE\Debugger

    Win32.Delf.uv: [SBI $D507D06A] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVLU32.EXE\Debugger

    Win32.Delf.uv: [SBI $AB0D8EB4] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVNT.EXE\Debugger

    Win32.Delf.uv: [SBI $ADCFE76A] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NISUM.EXE\Debugger

    Win32.Delf.uv: [SBI $B075B380] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NMain.EXE\Debugger

    Win32.Delf.uv: [SBI $A9BA902C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NORMIST.EXE\Debugger

    Win32.Delf.uv: [SBI $0FD554DC] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NUPGRADE.EXE\Debugger

    Win32.Delf.uv: [SBI $5B4237D3] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVC95.EXE\Debugger

    Win32.Delf.uv: [SBI $31CC89E0] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVCL.EXE\Debugger

    Win32.Delf.uv: [SBI $0B5A5E1B] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVSCHED.EXE\Debugger

    Win32.Delf.uv: [SBI $6F94CDE5] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVW.EXE\Debugger

    Win32.Delf.uv: [SBI $F8BFD485] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCCWIN98.EXE\Debugger

    Win32.Delf.uv: [SBI $41EE7A7C] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCFWALLICON.EXE\Debugger

    Win32.Delf.uv: [SBI $9BFB3235] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PERSFW.EXE\Debugger

    Win32.Delf.uv: [SBI $D6BFEC67] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7.EXE\Debugger

    Win32.Delf.uv: [SBI $77D585C7] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7WIN.EXE\Debugger

    Win32.Delf.uv: [SBI $2BAF4110] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAFEWEB.EXE\Debugger

    Win32.Delf.uv: [SBI $95619944] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN32.EXE\Debugger

    Win32.Delf.uv: [SBI $A7762080] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN95.EXE\Debugger

    Win32.Delf.uv: [SBI $3A1A71D0] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCANPM.EXE\Debugger

    Win32.Delf.uv: [SBI $5C9D2188] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCRSCAN.EXE\Debugger

    Win32.Delf.uv: [SBI $04C7E526] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SERV95.EXE\Debugger

    Win32.Delf.uv: [SBI $6DDCE75E] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMC.EXE\Debugger

    Win32.Delf.uv: [SBI $6C13BC00] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPHINX.EXE\Debugger

    Win32.Delf.uv: [SBI $503E0703] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWEEP95.EXE\Debugger

    Win32.Delf.uv: [SBI $4F5130E5] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TBSCAN.EXE\Debugger

    Win32.Delf.uv: [SBI $EAF3EE5B] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TCA.EXE\Debugger

    Win32.Delf.uv: [SBI $780C0036] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-98.EXE\Debugger

    Win32.Delf.uv: [SBI $B6B7A145] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-NT.EXE\Debugger

    Win32.Delf.uv: [SBI $23477AE7] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VET95.EXE\Debugger

    Win32.Delf.uv: [SBI $5159CD7E] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VETTRAY.EXE\Debugger

    Win32.Delf.uv: [SBI $AF5A3F20] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSCAN40.EXE\Debugger

    Win32.Delf.uv: [SBI $D2F9875E] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSECOMR.EXE\Debugger

    Win32.Delf.uv: [SBI $E962910F] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSHWIN32.EXE\Debugger

    Win32.Delf.uv: [SBI $C93E9E72] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSSTAT.EXE\Debugger

    Win32.Delf.uv: [SBI $6E950E21] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WEBSCANX.EXE\Debugger

    Win32.Delf.uv: [SBI $B84CE5C5] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WFINDV32.EXE\Debugger

    Win32.Delf.uv: [SBI $AE0ED1C1] Settings (Registry value, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZONEALARM.EXE\Debugger

    User abort!: Scan was not completed successfully. (Status)


    ps: i aborted cuz its 4 am and also cuz there's basically nothing after those. like i said i've been at this for a few hours and so i've done this scan quite a few times lol. ty for ur help

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    Please delete your old host file.
    It should be stored here:
    Windows 2000/XP/NT: C:\windows\system32\drivers\etc

    Then download a new host file from this site.

    This is how to do it:
    Create a new txt file with notepad on your desktop.
    Therefore right click your desktop, choose "New", then choose "Text Document".
    Name it hosts. Then right click and choose rename.
    Now remove the .txt so that you have a file without any extensions, just named hosts.
    Then go to this site.
    Mark the whole text. Then copy the whole text.
    Open your new hosts file and insert the copied text here.
    Save the file.
    Now move the file by copy and paste to:
    C:\windows\system32\drivers\etc

    Best regards
    Sandra
    Team Spybot

  3. #3
    Junior Member
    Join Date
    Mar 2011
    Posts
    2

    Default

    Thanks for reply. Umm, that didn't work. The problem is still there. I myself managed to get it working but it only worked for one day. Now it just says page cannot be displayed (as opposed to the entire redirection window). any idea? (spybot still there are viruses in the host file and t hat it cannot delete them)

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello crazyshady,

    Someone can assist after taking a look at the system.

    Please see this FAQ "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) It includes instructions in post #2 on how to provide a preliminary DDS log, which is used for analysis.

    Then start a new topic in the Malware Removal Forum and a volunteer will advise when available.

    If the infection prevents a log being produced please start a new topic there anyway and let them know.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •