We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Real hassle from virus/spyware
Options
Comments
-
Hi Rosy,
It would appear you have several different problems here. You've identified one of them which is various Lop trojans. This is an adware program usually installed with a program called Messenger plus when the installation instructions are not read properly. Have you recently uninstalled this program? There's no sign of it in your HJT log....
The Lop adware is relatively straight forward to clear up. You've already identified most of the folders and files it installs by doing the Panda scan. We'll need to see the Panda scan results though so we can tell you what needs to be deleted. However, there's another file which Panda doesn't show which can reinstall the adware. To identify this file I need you to do the following:
Open HijackThis and click 'Config' (bottom right)
Click 'Misc Tools'
Then hit the "Generate Startup List button.
This will open a text file with all sorts of information.
Scroll down the text file until you get to the section entitled "Enumerating Task Scheduler jobs"
It will look like this with possibly more entries listed......
Enumerating Task Scheduler jobs:
A2E41B6091979A08.job
Please copy & paste this section of the log file ONLY back here please.
Please also post a fresh HJT log and the latest Panda results in your next reply as PCHelpman has suggested above. We need these to completely remove the Lop adware program.
Note: There are still Lop related entries in your HJT log which need removing but we'll deal with those in good time. The entry below however, needs removing immediately...O16 - DPF: !!56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/157bb591...p/RdxIE601.cab
You should find your internet connection speeds up after removing this entry and restarting the computer.0 -
cannot seem to get my brain into gear today, knew I was missing something in that log !!Ex forum ambassador
Long term forum member0 -
Just to let you know I'm trying to tackle this - firstly the bleeping computer link could not uninstall virus burst - I downloaded roguescanfix but it couldn't download the program it needed. So no joy there. I am off to try the next lot of instructions - please bear with me it's taking me ages! Thanks to all.
Edited to add - I think I uninstalled the messenger plus with Windows defender yesterday.
Here is the first bit from the Hijack this program:
Enumerating Task Scheduler jobs:
A8C0A1C091CF55D4.job
AF95FD95919A6F91.job0 -
no problem, we will get there in the end...did'nt help me missing that earlierEx forum ambassador
Long term forum member0 -
Right, here goes, I'll post this lot in bits. First the new Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 21:56:49, on 23/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SOINTGR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL\Broadband CheckUp\bin\mpbtn.exe
C:\Documents and Settings\Ros\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ipehluzjdx.org/TePo0AAID6wdNcbByC2rtWQ4u3vKeJmJnm5hRVELqalKoDYUKQmpziDHcvyv/RII.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - !!02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - !!53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB002" /M "Stylus C66"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-gb\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/229?baf4cc0bf14f4849937c1031a101
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/230?baf4cc0bf14f4849937c1031a101
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: !!00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: !!14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: !!17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: !!193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: !!2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: !!39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: !!4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: !!4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: !!8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: !!9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe0 -
Next the last Panda Scan I did ( this was earlier on today ) . Next bit of it in next post. ( Don't know how these angels are appearing
)
Incident Status Location
Adware:adware/safetybar Not disinfected c:\documents and settings\all users\desktop\Online Security Guide.url
Spyware:spyware/web3000 Not disinfected c:\windows\hh.ico
Adware:adware/ncase Not disinfected c:\windows\msbbau.dat
Spyware:spyware/searchcentrix Not disinfected Windows Registry
Adware:adware/systemdoctor Not disinfected Windows Registry
Adware:Adware/Lop Not disinfected C:\Documents and Settings\All Users\Application Data\Four Book Grim Noun\oozeobj.bk!
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Christopher\Application Data\LONGBARBEGGS\bleh sixth obj great.exe
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Christopher\Cookies\christopher@atwola[1].txt
Spyware:Cookie/VirusBurst Not disinfected C:\Documents and Settings\Christopher\Cookies\christopher@www.virusburst[1].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\John\Application Data\LONGBARBEGGS\bleh sixth obj great.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Michael\Application Data\LONGBARBEGGS\bleh sixth obj great.exe
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Michael\Cookies\michael@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Michael\Cookies\michael@adultfriendfinder[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ath.belnk[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Michael\Cookies\michael@atwola[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Michael\Cookies\michael@belnk[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Michael\Cookies\michael@c2.gostats[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ccbill[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Michael\Cookies\michael@cgi-bin[1].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ct.360i[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Michael\Cookies\michael@dist.belnk[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Michael\Cookies\michael@drivecleaner[2].txt
Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Michael\Cookies\michael@gangbangsquad[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Michael\Cookies\michael@gostats[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Michael\Cookies\michael@i.screensavers[1].txt
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\Michael\Cookies\michael@kount[1].txt
Spyware:Cookie/Malwarewipe Not disinfected C:\Documents and Settings\Michael\Cookies\michael@malwarewipe[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Michael\Cookies\michael@rn11[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Michael\Cookies\michael@searchportal.information[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Michael\Cookies\michael@stats.drivecleaner[2].txt
Spyware:Cookie/TeensForCash Not disinfected C:\Documents and Settings\Michael\Cookies\michael@teensforcash[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Michael\Cookies\michael@toplist[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Michael\Cookies\michael@www.affiliatefuel[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Michael\Cookies\michael@www.drivecleaner[1].txt
Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Michael\Cookies\michael@www.gangbangsquad[1].txt
Spyware:Cookie/TeensForCash Not disinfected C:\Documents and Settings\Michael\Cookies\michael@www.teensforcash[1].txt
Spyware:Cookie/VirusBurst Not disinfected C:\Documents and Settings\Michael\Cookies\michael@www.virusburst[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Michael\Cookies\michael@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Michael\Cookies\michael@xmts[1].txt
Potentially unwanted tool:Application/VirusBurst Not disinfected C:\Documents and Settings\Michael\Local Settings\Temp\vb19EE.exe0 -
And the last bit of it:
Adware:Adware/PestTrap Not disinfected C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\SB5JAQ3X\theuptodatesafety[1].htm
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\abcmlnyf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\bleh sixth obj great.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\ciseoxxf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\gzrvhuag.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\nzlyxpbz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\oyqpdvbt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\pop ball comp.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\WAIT HECK INSIDE.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\xqcvjhbb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Application Data\LONGBARBEGGS\yoyudyzf.exe
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Ros\Cookies\ros@anm.co[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ros\Cookies\ros@atwola[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ros\Cookies\ros@belnk[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ros\Cookies\ros@cgi-bin[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ros\Cookies\ros@dist.belnk[2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Ros\Cookies\ros@go[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ros\Cookies\ros@searchportal.information[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Ros\Cookies\ros@toplist[1].txt
Spyware:Cookie/VirusBurst Not disinfected C:\Documents and Settings\Ros\Cookies\ros@www.virusburst[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Ros\Cookies\ros@xiti[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Ros\Cookies\ros@xmts[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Ros\Local Settings\Temp\pueyifok.exe
Adware:Adware/StrCodec Not disinfected C:\Program Files\strCodec\isauninst.exe
Adware:Adware/PCodec Not disinfected C:\Program Files\strCodec\pmuninst.exe
Adware:Adware/StrCodec Not disinfected C:\Program Files\strCodec\uninst.exe0 -
Sheesh..that doesn't look good.0
-
This looks horrendous to me seeing it like that. ( BTW internet connection is definitely quicker now . Re Messenger Plus - I do remember getting Windows Defender to remove it but noone here has ever actually installed it, so no idea how it got there in the first place) I do have to say thanks a lot to all of you for helping me out like this. Believe me I am beginning to be a bit more hopeful and you are definitely decreasing my stress levels ! Thanks! ( I hope I haven't tempted fate there...)0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards