Viruses, Spyware and other Nasties RSS Viruses, Spyware and other Nasties RSS

Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

Reply

Join Date: Jan 2007
Posts: 3
Reputation: pookie24680 is an unknown quantity at this point 
Solved Threads: 0
pookie24680 pookie24680 is offline Offline
Newbie Poster

Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #1
Jan 29th, 2007
Hi Everyone,

This is my first post and I'm hoping that I can get some advice on how to get rid of the viruses/trojans that are in my laptop.

I realized that my desktop background was locked out and was able to find this helpful thread:
http://www.daniweb.com/techtalkforums/thread36931.html

I followed the instructions and was able to access my desktop background again.

I have also been experiencing a pop up informing me of a virus in the taskbar and that I should run my anti virus program. I downloaded the AVG Anti-Virus program and the below is the log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:21:10 AM 1/29/2007

+ Scan result:



HKLM\SOFTWARE\IEagent -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\143 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\206 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\339 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\348 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\387 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\675 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\757 -> Adware.ClearSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Local Settings\Temp\cd_clint.dll -> Adware.Cydoor : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Error during cleaning.
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\IE Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\IE Security\BlockedLocations -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies\Allowed -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies\Restricted -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Scan -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\System Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Updates -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents.1 -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CLSID -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CurVer -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\webHancer -> Adware.WebHancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\webHancer\CC -> Adware.WebHancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ssqon.dll -> Downloader.ConHook.l : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ntsystem.exe -> Hijacker.Agent.hg : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-22213be0-6ba2efc3.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Application Data\55185.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\winstall.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
[3688] C:\Documents and Settings\Eug\Application Data\55185.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
[624] C:\winstall.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.137:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.189:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.294:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.306:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.472:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.90:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.93:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.94:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Eug\Cookies\eug@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.427:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.428:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.429:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.15:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.19:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.20:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.21:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.420:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.421:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.319:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.320:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.321:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.322:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.323:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Eug\Cookies\eug@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.52:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.53:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.312:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.313:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.314:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.176:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.175:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.400:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.24:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.80:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.81:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.82:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.83:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.33:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.34:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.37:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.39:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.40:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.369:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.370:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.371:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.443:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.486:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.487:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.489:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.490:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.491:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.387:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.388:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.363:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.364:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.368:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.397:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.398:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.415:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.416:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.417:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.88:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.276:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.75:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.76:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.77:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.79:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.10:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.8:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.9:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.242:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.243:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.244:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.143:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.144:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.145:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.146:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.147:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.148:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.149:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.150:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.151:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.329:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.330:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.331:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.423:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.424:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.425:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.18:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.27:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.223:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.207:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.208:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.209:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.210:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.211:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.212:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.233:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.234:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.235:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.236:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\SYSTEM32\ntoskrnl.dll -> Trojan.Agent.rx : Cleaned with backup (quarantined).


::Report end

--------------------------------------------------------------------------

I have also attached my hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 7:32:11 AM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis\HijackThis.exe

O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

/tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -

http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control

Object) - http://zone.msn.com/bingame/dsh2/def...2.1.0.0.55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -

C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program

Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program

Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program

Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Mrfs80b5porh - Unknown owner -

C:\WINDOWS\system32\drivers\drvnddm.sys (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program

Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - IntelĀ® Corporation - C:\Program

Files\Intel\Wireless\Bin\WLKeeper.exe

-----------------------------------------------------------------------------

When I restarted my laptop, the virus seems to be gone. I think it might have gone into quarantined. But how do I make sure that it is really gone?

Any help would be much appreciated!!! :cheesy:

Thank you.
Reply With Quote Quick reply to this message  
Join Date: Sep 2005
Posts: 21
Reputation: pip22 is an unknown quantity at this point 
Solved Threads: 2
pip22 pip22 is offline Offline
Newbie Poster

Re: Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #2
Jan 29th, 2007
Delete them all from the 'quarantined' area of AVG -- don't use AVG so can't be more specific. Just go through AVG's settings and options till you find the quarantined section. Delete all.

In future, when your antivirus finds any infections it's best to always choose 'Delete' if it's offered. No point in healing or quarantining useless virus files. None of them are likely to be vital Windows files. They are just virus-files pretending to be genuine Windows files. That's how most viruses propogate these days.

Two things you should now do in this order:

1. Delete all your existing 'Restore Points" used by System Restore if you have Windows XP. The reason is that those viruses could have been backed up inside a Restore Point before you found them. They are harmless in there UNTIL you do a System Restore in the near future, in which case you'll simply be putting them back where you just got rid of them! To delete all restore points: Control Panel->System->System Restore tab. Tick the little box to turn off SR and click 'Apply". and all restore points will be deleted. Now UNtick to turn SR back on. Click OK.

2. Now update your AV program and do another full and thorough scan.
Last edited by pip22; Jan 29th, 2007 at 3:34 pm.
Reply With Quote Quick reply to this message  
Join Date: Dec 2006
Posts: 907
Reputation: PhilliePhan will become famous soon enough PhilliePhan will become famous soon enough 
Solved Threads: 43
Moderator
PhilliePhan's Avatar
PhilliePhan PhilliePhan is offline Offline
Posting Shark

Re: Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #3
Jan 29th, 2007
Originally Posted by pip22 View Post
2. Now update your AV program and do another full and thorough scan.
Flushing System Restore might be a bit hasty since AVG Anti-spyware did not show and infected restore points - If the scan is done properly, it should show them.

Also, it's pretty difficult to update an AV program when none exists on your machine!! Not a safe way to go! See my linky below for some good and FREE options (including AVG Free). Install one! (AVG Anti-spyware is NOT an AV app)

While you are at it, update your Java as per the instructions in the linky! That way you are less likely to get hit again by Vundo and other baddies....

PP
Last edited by PhilliePhan; Jan 29th, 2007 at 4:49 pm.
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer

ASAP
Reply With Quote Quick reply to this message  
Join Date: Jan 2007
Posts: 3
Reputation: pookie24680 is an unknown quantity at this point 
Solved Threads: 0
pookie24680 pookie24680 is offline Offline
Newbie Poster

Re: Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #4
Jan 29th, 2007
Thank you pip22 and PP for your advice - very much appreciated.

pip22 - I have followed your 2 suggestions and after rebooting the laptop, the virus does not show up on the taskbar anymore.

PP - I also followed your link and installed the AV as well as the Java program.

I was wondering - is there a way to make sure that my computer is virus free?

Logfile of HijackThis v1.99.1
Scan saved at 6:45:25 PM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\utorrent.exe
C:\HiJackThis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/def...2.1.0.0.55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mrfs80b5porh - Unknown owner - C:\WINDOWS\system32\drivers\drvnddm.sys (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - IntelĀ® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Thank you.
Reply With Quote Quick reply to this message  
Join Date: Dec 2006
Posts: 907
Reputation: PhilliePhan will become famous soon enough PhilliePhan will become famous soon enough 
Solved Threads: 43
Moderator
PhilliePhan's Avatar
PhilliePhan PhilliePhan is offline Offline
Posting Shark

Re: Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #5
Jan 29th, 2007
Originally Posted by pookie24680 View Post
I was wondering - is there a way to make sure that my computer is virus free?
I suggest looking at both of my links below for good tips, etc....

If you feel the need, try the Kaspersky Online Scan listed in my Self-help steps.

Definitely install Spyware Blaster and ZoneAlarm Firewall. Both are in my Protect Yourself linky.

O23 - Service: Mrfs80b5porh - Unknown owner - C:\WINDOWS\system32\drivers\drvnddm.sys (file missing) I am not sure about this HJT entry - You may want to investigate further. The file may not be missing / may even be legit...

Also, be careful with the BitTorrent and what you download. Lotta people get baddies that way. In many forums, we see "repeat customers" due to this and there is now an ongoing discussion among those of us who volunteer our free time in these forums as to whether we want to waste that time on people who are just going to get reinfected.......

Best
PP
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer

ASAP
Reply With Quote Quick reply to this message  
Join Date: Jan 2007
Posts: 3
Reputation: pookie24680 is an unknown quantity at this point 
Solved Threads: 0
pookie24680 pookie24680 is offline Offline
Newbie Poster

Re: Please help- Virus Pop Up in Taskbar and Desktop Background Lock Out

 
0
  #6
Jan 31st, 2007
Thanks everyone for your help! :mrgreen:
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum
Thread Tools Search this Thread



adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gtaiv gumblar halloween hijack hosting internet iphone logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch police policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting reliability report research rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista war warning windows worm yahoo zeroday
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC