Help! Win32.P2P-Worm.Alcan.a worm.
-
Re: Help! Win32.P2P-Worm.Alcan.a worm.
Sun Java has changed the version since I was there a few days ago; I have to change mine also now. Yes, the JRE 6 is what you need.
No idea on the hard drive thing; maybe an indication of imminent failure. Let's do a scan with the new AVG Anti-Spyware tool (different from AVG Free) and see what it finds. Quarantine everything it finds, if anything.
INSTRUCTIONS FOR USING AVG ANTI-SPYWARE in "NORMAL MODE"
Download and scan with AVG Anti-Spyware
1. After download, double click on the file to launch the install process.
2. Choose a language, click "OK" and then click "Next".
3. Read the "License Agreement" and click "I Agree".
4. Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
5. After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
6. The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
7. Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
8. Go to Start > Run and type: services.msc
* Press "OK".
* Click the "Extended" tab and scroll down the list to find AVG Anti-Spyware guard.
* When you find the guard service, double-click on it.
* In the Properties Window > General Tab that opens, click the "Stop" button.
* From the drop-down menu next to "Startup Type", click on "Manual".
* Now click "Apply", then "OK" and close the Services window.
9. Select the "Update" button and click "Start update". Wait until you see the "Update successful" message. If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from HERE.
Once the updates are installed do the following:
1. Click on the "Scanner" button and choose the "Settings" tab.
* Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
* Under "How to Scan?" check all (default).
* Under "Possibly unwanted software" check all (default).
* Under "What to Scan?" make sure "Scan every file" is selected (default).
* Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".
2. Click the "Scan" tab to return to scanning options.
3. Click "Complete System Scan" to start.
4. When the scan has finished you will be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.
IMPORTANT! Do not save the report before you have clicked the "Apply all actions" button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button.
5. Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
6. Exit AVG Anti-Spyware when done and submit the log report in your next response.
Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.
New hijackthis log also please.
-
It found a lot. 155 items. Why do you think they weren't caught with the earlier steps? Here are my logs.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:54:00 PM 12/15/2006
+ Scan result:
D:\SoftWarez\Audio FX and Plugins\WaveSurround DirectX Audio Pluggin ZONE.zip/WaveSurround Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
D:\SoftWarez\Audio\!Audio FX and Plugins\WaveSurround DirectX Audio Pluggin ZONE.zip/WaveSurround Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
D:\SoftWarez\Plugins\Audio_FX_&_Plugins\WaveSurround DirectX Audio Pluggin ZONE.zip/WaveSurround Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
C:\Documents and Settings\Eric\Desktop\----MUSIC SOFTWARE\VSTI\Kontakt\CrcCheck.exe -> Downloader.Dadobr.bk : Cleaned with backup (quarantined).
C:\Documents and Settings\Eric\Desktop\----MUSIC SOFTWARE\VSTI\Native Instruments VSTi\Kontakt\CrcCheck.exe -> Downloader.Dadobr.bk : Cleaned with backup (quarantined).
D:\SoftWarez\Adobe PhotoShop CS 8.0\_Cracks\Adobe Photoshop CS Keygen\keygen.RB0 -> Logger.Delf.ncs : Cleaned with backup (quarantined).
D:\SoftWarez\Adobe PhotoShop CS 8.0\_Cracks\Adobe Photoshop CS Keygen\keygen.exe -> Logger.Delf.ncs : Cleaned with backup (quarantined).
D:\SoftWarez\Plugins\Adobe_Plugins_&_Docs\Photoshop Plugins\Adobe Photoshop 7.0 Keygen.zip/Adobe Photoshop 7.0 Keygen/keygen.exe -> Logger.Delf.ncs : Cleaned with backup (quarantined).
C:\Program Files\WinRAR\WinRAR 3.0 Patch.RB0 -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
C:\Program Files\WinRAR\WinRAR 3.0 Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
D:\SoftWarez\WinRAR\WinRAR 3.0 Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
D:\SoftWarez\WinRAR\WinRAR3\WinRAR 3.0 Patch.RB0 -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
D:\SoftWarez\WinRAR\WinRAR3\WinRAR 3.0 Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
:mozilla.113:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.120:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.125:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4C.tmp -> TrackingCookie.2o7 : Cleaned.
:mozilla.387:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.283:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.301:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.328:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.330:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.331:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.332:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.342:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.345:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.359:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.360:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.427:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.432:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.434:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.454:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.455:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.79:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.80:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.81:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.82:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.83:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.84:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.85:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.191:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.192:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.193:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.194:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.195:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.196:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.32:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.36:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.37:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.41:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.43:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.45:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.46:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.47:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.48:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.52:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.53:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4E.tmp -> TrackingCookie.Atdmt : Cleaned.
:mozilla.93:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.278:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.470:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.471:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.19:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.21:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.22:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.24:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.25:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.30:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.7:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.265:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.266:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.392:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.57:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.325:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.185:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.186:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.187:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.188:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.60:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.61:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.62:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.364:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.365:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.366:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.382:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.384:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.385:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.386:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4F.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq50.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB.tmp -> TrackingCookie.Hitbox : Cleaned.
:mozilla.465:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.134:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.279:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.280:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.74:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.75:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.463:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.256:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.257:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.258:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.259:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.315:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.316:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.137:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.292:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.100:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.101:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.99:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.245:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.246:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.247:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.248:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.249:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.213:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.218:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.219:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.220:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.395:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.179:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.180:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.65:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.66:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.67:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.68:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.69:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.70:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.71:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.72:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.73:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.95:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.132:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.133:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.263:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.362:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.87:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.88:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.89:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.90:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.91:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.189:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.190:C:\Documents and Settings\Susie\Application Data\Mozilla\Firefox\Profiles\cjcphc9n.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Eric\.jpi_cache\file\1.0\Dummy.class-4ffef27c-4f468b2b.class -> Trojan.ClassLoader.Dummy.d : Cleaned with backup (quarantined).
D:\System Volume Information\_restore{B95F074C-E5A8-40B3-A26E-4939E018AA17}\RP2\A0001300.exe -> Worm.Delf.bd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B95F074C-E5A8-40B3-A26E-4939E018AA17}\RP2\A0001298.exe -> Worm.VB.an : Cleaned with backup (quarantined).
::Report end
And My HIJACK THIS
Logfile of HijackThis v1.99.1
Scan saved at 9:00:30 PM, on 12/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Thanks
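As an added example (not part of the original thread and not AVG's own tooling), the following Python parses the `object -> detection : action` lines of a report like the one above, separates tracking cookies from real detections, and flags entries still marked "No action taken" as well as copies sitting in System Restore points. The sample lines are constructed, and the tier mapping, the exact "No action taken" wording and the reading of `/` as an archive-member separator are assumptions.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the report's "<object> -> <detection> : <action>" layout.
# Paths are placeholders; the "No action taken" line follows the wording quoted
# in the scan instructions and is an assumed format.
SAMPLE_REPORT = r"""
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:54:00 PM 12/15/2006
+ Scan result:
D:\Example\tools.zip/Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
C:\Example\keygen.exe -> Logger.Delf.ncs : No action taken.
C:\Example\Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
:mozilla.113:C:\Example\Profiles\x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Example\Profiles\x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP2\A0000001.exe -> Worm.VB.an : Cleaned with backup (quarantined).
::Report end
"""

LINE_RE = re.compile(r"^(?P<obj>.+) -> (?P<name>\S+) : (?P<action>.+?)\.?$")
COOKIE_RE = re.compile(r"^:mozilla\.(?P<idx>\d+):(?P<path>.+)$")

# Assumed triage tiers keyed on the first component of the detection name.
TIERS = {
    "Backdoor": "malware", "Downloader": "malware", "Logger": "malware",
    "Trojan": "malware", "Worm": "malware",
    "Not-A-Virus": "riskware",
    "TrackingCookie": "cookie",
}


@dataclass
class Finding:
    path: str                    # file on disk (archive or cookie store included)
    member: Optional[str]        # entry inside an archive, if any
    cookie_index: Optional[int]  # N from the ":mozilla.N:" prefix, if any
    name: str                    # detection name as reported
    action: str                  # what the scanner did
    tier: str                    # malware / riskware / cookie / review
    in_restore_point: bool       # copy lives in a System Restore point


def parse_line(line: str) -> Optional[Finding]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # header, separator or "::Report end"
    obj, cookie_index, member = m["obj"], None, None
    c = COOKIE_RE.match(obj)
    if c:
        cookie_index, obj = int(c["idx"]), c["path"]
    # Windows paths use backslashes, so a forward slash is read here as the
    # boundary between an archive and the entry inside it (assumption).
    if "/" in obj:
        obj, member = obj.split("/", 1)
    family = m["name"].split(".", 1)[0]
    return Finding(
        path=obj,
        member=member,
        cookie_index=cookie_index,
        name=m["name"],
        action=m["action"],
        tier=TIERS.get(family, "review"),  # unknown families go to manual review
        in_restore_point="\\system volume information\\_restore{" in obj.lower(),
    )


def parse_report(text: str) -> List[Finding]:
    return [f for f in map(parse_line, text.splitlines()) if f is not None]


def triage(findings: List[Finding]) -> dict:
    return {
        "by_tier": dict(Counter(f.tier for f in findings)),
        # Anything not reported as cleaned still needs an action applied.
        "unresolved": [f for f in findings
                       if not f.action.lower().startswith("cleaned")],
        "restore_points": [f for f in findings if f.in_restore_point],
        "families": sorted({f.name for f in findings if f.tier != "cookie"}),
    }


if __name__ == "__main__":
    summary = triage(parse_report(SAMPLE_REPORT))
    print("Counts by tier:", summary["by_tier"])
    print("Non-cookie detections:", ", ".join(summary["families"]))
    for f in summary["unresolved"]:
        print("Still needs action:", f.path, "->", f.name, f"({f.action})")
    for f in summary["restore_points"]:
        print("In a System Restore point:", f.path, "->", f.name)
```
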
-
How is your computer behaving now?
-
My computer is a little slow and the hard drive is ticking like crazy constantly. What should I do with the 159 files in the AVG quarantine?
Why do you think those weren't caught before by AVG, or did I just get infected with them?
The little orange light that indicates HD activity keeps blinking. I don't know if I made things better or worse yet. Well, at least I can access the registry and task manager now.
Any advice?
Thanks,
-
You used a different AVG on that scan and it picks up more stuff.
If I were you I would start backing up all you want to save in case you have hard drive failure.
Are you sure it is your hard drive and not your fan making the noise?
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Last edited by Neal; 17-12-2006 at 05:24 PM.