Spybot Detects OPACHKl.RU TROJANS C

[ken545]

Hi,

Not sure what thats all about ? How are things running now ?

[Need To Know]

Hey Ken,


I was not sure how to get the log from the last scan. The computer seems to be running fine. Should I Fix The Opachki.ru with Spybot ? I think that File I posted posibly came from the Eset scan. I did notice there seems to be some info about pictures I've received from a friend , Im sure his computer is infected as sometimes he tries to sneek shocking pics in.
Are there other scans I can routinely perform as only Spybot picked up
the trojen and only the Escan picked up the worms.... By the way I belive
a friend of mine does the same type of work for a hospital that you do.
Thanks A Lot for all of your help ! Oh could I ask How do you get a logfile
from c:\programfile\

Hope Your Having A Good Day !!!

[ken545]

Hi,

Yes, I would run Spybot and have it remove that entry or file it found. I am not sure what log file your talking about to post ??

[Need To Know]

Hello,


The log I was talking about was from the Eset scan. You had asked me to use notepad to open the log file located at C:\ProgramFiles\EsetOnlineScanner\Log.txt ,but I didn't know how to use notepad to open the log file.

[ken545]

You can find it here, just click on it to open

C:\ProgramFiles\EsetOnlineScanner\Log.txt


When it opens, go to the top and click on Edit> Select All........Edit> Copy and then just paste it into the forum please

[Need To Know]

Hi

I may have found the Eset Scanner log !!! The only log that said Eset log.

Thu Feb 01 05:29:05 2007 GameConsole INFO Log session opened
Thu Feb 01 05:29:08 2007 UpdateManager INFO Starting new manifest download from http://console.wildgames.com/client/...ctManifest.xml
Thu Feb 01 05:29:11 2007 ArcadeClientController INFO Navigation to C:\Program Files\WildTangent\Apps\Dell Game Console\ui\htdocs\Home.html
Thu Feb 01 05:29:12 2007 ArcadeClientController INFO Navigation to C:\Program Files\WildTangent\Apps\Dell Game Console\ui\htdocs\Home.html
Thu Feb 01 05:29:32 2007 ArcadeClientController INFO Navigation to C:\Program Files\WildTangent\Apps\Dell Game Console\ui\htdocs\product\scrabble\GameInfo.html
Thu Feb 01 05:29:38 2007 ProductManager INFO Installing {6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}
Thu Feb 01 05:29:38 2007 ProductManager INFO Running installer for {6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}
Thu Feb 01 05:30:08 2007 Download INFO Cancelling download
Thu Feb 01 05:37:34 2007 GameConsole INFO App closing down


Looks like something related to games. My son used to play games on this computer. Still not sure this is right.

[ken545]

Good Morning,

Thats not the whole log. Where you able to delete the file I posted about in a previous reply ? How are things running now ?

[Need To Know]

Greetings !


Thanks for your patients. I think I finaly got it. What I posted the last time is what came up on the only Eset log.txt. I did another Escan,then both correct logs showed up on the only Eset log.txt ??? This one looks to be the correct type of info. Spybot always shows 3 WILD TANGENT PUPS that cannot be deleted. Im assuming because they have something to do with the I-POD program? I did delete c:\windows\system32\57A.temp. You had said c;\windows\system32\57a.temp, the difference being 57a small "a" as opposed to 57A capital "A" . Hope I got the right one as it was the only 57A. The computer seems to be fine so far.


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=1d740fb2afe01048bdcff9c12cff4563
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-09 02:27:53
# local_time=2009-11-08 09:27:53 (-0500, Eastern Standard Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 5806370 5806370 0 0
# compatibility_mode=1024 16777191 100 0 0 0 0 0
# compatibility_mode=6912 16777215 100 0 10710262 10710262 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=89938
# found=3
# cleaned=3
# scan_time=2494
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent49.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent59.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent89.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=1d740fb2afe01048bdcff9c12cff4563
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-13 08:31:11
# local_time=2009-11-13 03:31:11 (-0500, Eastern Standard Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 6172329 6172329 0 0
# compatibility_mode=1024 16777175 100 0 0 0 0 0
# compatibility_mode=6912 16777215 100 0 11076221 11076221 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=92448
# found=0
# cleaned=0
# scan_time=3934

[ken545]

That what I needed and it looks fine

You can delete that file if present either big or small A doesn't matter


How are things running now ?

[Need To Know]

My computer seems to be running fine! Thanks A Lot For Your Help! You guys are a great help to those of us that know very little about computers. Hope your having a great weekend !