Results 1 to 8 of 8

Thread: Trojan?

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2008-02-18, 00:27 #1
    Sarpi
    Sarpi is offline
    Junior Member
    Join Date
    Feb 2008
    Posts
    7

    Default Trojan?

    EDIT************ I had to split this post up cos of the 20,000 character limit of the fourm.

    My computer randomly started opening IE and going to pages such as:

    PHP Code:
    http://www.setthetrend.com/search.php?query=t=1&source=ao&adgroupid=LocalList15aojwhite&adpartner=112194&adkw=t=1&
    https://www.planetonline.com/online_shopping/shopperregistration_coupon.asp
    http://college.us.com/Aff/?partner=1268&source=1014&key=adon
    http://www.wallst.net/
    http://www.nightlifetelevision.com/?utm_source=AO&utm_medium=banner2=112194
    https://www.planetonline.com/online_shopping/shopperregistration_coupon.asp 
    They started coming up every 5 minutes or so but now they are about once a minute.

    I normally use Firefox.

    I did Spybot scans and they come up with various things, smitfraud is a common one. It always says it cleans them.

    I did a virus scan:

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Friday, February 15, 2008 6:01:49 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 15/02/2008
    Kaspersky Anti-Virus database records: 567337
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\

    Scan Statistics:
    Total number of scanned objects: 65772
    Number of viruses found: 7
    Number of infected objects: 15
    Number of suspicious objects: 0
    Duration of the scan process: 00:56:20

    Infected Object Name / Virus Name / Last Action
    C:\itouch_crash_info.txt Object is locked skipped
    C:\Program Files\Internet Explorer\keygen.exe/data0000.cab/update.exe Infected: Trojan.Win32.Agent.efb skipped
    C:\Program Files\Internet Explorer\keygen.exe/data0000.cab Infected: Trojan.Win32.Agent.efb skipped
    C:\Program Files\Internet Explorer\keygen.exe Rsrc-Package: infected - 2 skipped
    C:\Program Files\Internet Explorer\keygen.exe UPX: infected - 2 skipped
    C:\Program Files\Internet Explorer\keygen.exe PE_Patch.UPX: infected - 2 skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{6C8960AE-6C34-4A55-9874-730A9A03C459}\RP115\A0016808.exe Object is locked skipped
    C:\System Volume Information\_restore{6C8960AE-6C34-4A55-9874-730A9A03C459}\RP115\change.log Object is locked skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\free rip mp3.exe/data0011 Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\free rip mp3.exe Inno: infected - 1 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vnc-3.3.3r9_x86_win32.zip/vnc_x86_win32/vncviewer/vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vnc-3.3.3r9_x86_win32.zip ZIP: infected - 1 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vnc-4_1_1-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vnc-4_1_1-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vnc-4_1_1-x86_win32.exe Inno: infected - 2 skipped
    C:\xDocuments and Settings\adam\Old computer\Bits and pieces\Bits and Pieces\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0522f592f6c0dceea18444012f0fe77a_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0538940fc5823ea3b6b04d3836ff7245_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06817489d4f2c76b51a303939f5efe19_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06b6f1f5b3693bcf4aed9f7e535700a8_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06cbc44cebcdc6fb17cedccbbf79beb0_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06fda4f0db54a2eaac4647c7ce4d5b4b_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\07a410e89f65949f9b1cb56fc536cbd7_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\07a850a521d103d56d039b941f062af4_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\087c867220193124df1c23d76785be0f_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b4b77a2214019feda9c349a0c9f5f3f_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b8d54b015ca6a1473202089104d09d7_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b9e29fa5be157851d629f171d0e522d_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0df10d3668bc72c18ef0e38c6d5fbca2_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e808b2bf26a0d9df40a609b3c7532ac_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f269423080e13c04f5adc8c136a9c63_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f2dcd85cd3a6366c8a25cb147765f3c_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f30847a0b509fb3d272de6bf0fe7826_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f768ba464102869d92391fe98f8f58a_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f9fe93d9450cb3d219e8260c2771be9_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fb19b17fc2a88034246b1857feb1c4b_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fb990dc2a1512df699695ddb500c0d1_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fbeec92e6e6b7d2a60daea1bca1fcaf_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1067c31fe6274ef4a83dd79eb79fda30_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\10fcf92dd7cd4361e1ef7f0a1a6ce6cf_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1171a9dcec7c9120a269314173fbda6d_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12025b469e4abab673839d2ad5a744be_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12424d5dc311a4856d0b2af7ab75be88_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1545713ea75917dda27a7dc2d41586bc_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\155ba891e883a1957eb9d703b378d697_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1569a2ac17d97a9e7a80be64134840e1_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\166c4dd2d095b0eaed71abc85e7b8897_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1858a28835770e611f6cfe5cbabff123_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\185b265d465711cc795c435e24b49ae3_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1879c35b7de72ce57c2bd55ef825788d_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18891e602e3b9b9cdb727f8cd2b1494e_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18c8eb1076db8d976589146ed8fbea96_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18d4d635fb11b84748096b288cf96184_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    C:\xDocuments and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19239e9adc60bf04f7604fe66f33a8f2_4bc421ab-97ef-4d8a-92f1-48ef78fd55ba Object is locked skipped
    Last edited by tashi; 2008-02-18 at 01:07. Reason: Disabled links
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules