
Trojan Generic 12.ABGW

Posted 1/6/2009 1:38 AM
#70771

Rafe K Member

Date Joined Nov 2016
Total Posts: 2
So I read the "Read before you post a log" thread but am unable to comply with the instructions. I recently was infected with this trojan. I have not seen reference to the specific version of generic 12 that I have, but I have been doing my best to get rid of it. I was using AVG Free up until the infection. Once my computer became infected I was unable to use search engines; clicking on search results would redirect me to a new window showing an unrelated, seemingly random commercial site. I was also unable to connect to AVG's website or almost any other security site or download. A friend sent me Ad-Aware and I was able to identify the virus using that program, but its quarantine procedure didn't affect anything. I was then able to download BullGuard, though I am still unable to connect to most security sites. Running the virus scan with that came up with the rootkit for the virus and I was able to quarantine it. I can now web search but still can't access most security sites.

Here is the log I got just before I quarantined the rootkit. Any advice on the next steps I can take to complete the cleaning of my computer would be greatly appreciated.

BullGuard Scan Report

Scan Profile: "My Computer"

___________________________________________________________



----[ System Info ]------------


OS Version: Microsoft Windows XP Home Edition - Service Pack 3 (Build 2600) [1 * x86 CPUs]

Physical memory: 504 MB

System up-time: 0 days, 01 hours, 40 minutes, 40 seconds

BullGuard up-time: 0 days, 01 hours, 39 minutes, 38 seconds

TopLayer Version: 8, 5, 0, 17

FileSpy5 Version: N/A

BdFileSpy Version: 3.13.0.63 built by: WinDDK

BsFileScan Version: 8, 5, 0, 69

Reconn Version: 1.1.0.5 built by: WinDDK

MailProxy Version: 8, 5, 0, 20

AntiVirus Version: 8, 5, 0, 47


----[ Scan Parameters ]------------


Folders to scan:

C:\


Excluded folders:

None


Files to scan:

None


Scan type:

[o] Scan all files

[ ] Scan program files only

[ ] Scan custom extensions:


[X] Exclude user extensions: lnk


[X] Scan boot sectors

[X] Scan packed files

[X] Scan archives

[X] Scan emails

[X] Scan running processes

[X] Scan registry

[X] Scan IE cookies

[X] Enable heuristic detection


[ ] Scan default action

___________________________________________________________


Scan Statistics

___________________________________________________________


Scan started: Monday, January 05, 2009 12:45:12

Scan duration: 0 days, 01 hours, 32 minutes, 26 seconds

Completion status: Successful


Total files scanned: 398973

Total files skipped: 132

Identified viruses: 13

Scan speed: 71.94 files/sec




___________________________________________________________


Infected Files

___________________________________________________________


----[ Infected Files ]------------


Malware: Rootkit.10778

C:\WINDOWS\system32\wdmaud.sys


----[ Infected Spyware Files ]------------


Malware: Adware.Whenu.C

C:\Program Files\DAEMON Tools SearchBar\Search.exe


----[ Infected Cookies ]------------


Malware: Cookie.2o7

=>C:\Documents and Settings\Owner\Cookies\owner@avgtechnologies.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnbc.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt


Malware: Cookie.AdBureau

=>C:\Documents and Settings\Owner\Cookies\owner@inl.adbureau[1].txt


Malware: Cookie.Adrevolver

=>C:\Documents and Settings\Owner\Cookies\owner@adrevolver[3].txt

=>C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[1].txt


Malware: Cookie.BS.Serving-Sys

=>C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt


Malware: Cookie.DealTime

=>C:\Documents and Settings\Owner\Cookies\owner@dealtime[2].txt

=>C:\Documents and Settings\Owner\Cookies\owner@stat.dealtime[2].txt


Malware: Cookie.DomainSponsor

=>C:\Documents and Settings\Owner\Cookies\owner@landing.domainsponsor[1].txt


Malware: Cookie.Mediaplex

=>C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt


Malware: Cookie.PointRoll

=>C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt


Malware: Cookie.Statcounter

=>C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt


Malware: Cookie.Trafficmp

=>C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt


Malware: Cookie.WindowsMedia

=>C:\Documents and Settings\Owner\Cookies\owner@serviceswitching[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@windowsmedia[1].txt


___________________________________________________________


Results after ROUND 0

___________________________________________________________


Scan started: Monday, January 05, 2009 11:12:46

Scan duration: 0 days, 01 hours, 32 minutes, 26 seconds

Infections solved: 0

Infections left: 18

Viruses left: 13


----[ Files Still Infected ]------------


Malware: Rootkit.10778

C:\WINDOWS\system32\wdmaud.sys


----[ Spyware Files Still Infected ]------------


Malware: Adware.Whenu.C

C:\Program Files\DAEMON Tools SearchBar\Search.exe


----[ Cookies Still Infected ]------------


Malware: Cookie.2o7

=>C:\Documents and Settings\Owner\Cookies\owner@avgtechnologies.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnbc.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt


Malware: Cookie.AdBureau

=>C:\Documents and Settings\Owner\Cookies\owner@inl.adbureau[1].txt


Malware: Cookie.Adrevolver

=>C:\Documents and Settings\Owner\Cookies\owner@adrevolver[3].txt

=>C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[1].txt


Malware: Cookie.BS.Serving-Sys

=>C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt


Malware: Cookie.DealTime

=>C:\Documents and Settings\Owner\Cookies\owner@dealtime[2].txt

=>C:\Documents and Settings\Owner\Cookies\owner@stat.dealtime[2].txt


Malware: Cookie.DomainSponsor

=>C:\Documents and Settings\Owner\Cookies\owner@landing.domainsponsor[1].txt


Malware: Cookie.Mediaplex

=>C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt


Malware: Cookie.PointRoll

=>C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt


Malware: Cookie.Statcounter

=>C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt


Malware: Cookie.Trafficmp

=>C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt


Malware: Cookie.WindowsMedia

=>C:\Documents and Settings\Owner\Cookies\owner@serviceswitching[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@windowsmedia[1].txt


___________________________________________________________


Results after ROUND 1

___________________________________________________________


Scan started: Monday, January 05, 2009 12:49:05

Scan duration: 0 days, 00 hours, 00 minutes, 04 seconds

Infections solved: 17

Infections left: 1

Viruses left: 1


----[ Spyware Files Solved ]------------


Malware: Adware.Whenu.C

Status: Moved To Quarantine

C:\Program Files\DAEMON Tools SearchBar\Search.exe


----[ Cookies Solved ]------------


Malware: Cookie.2o7

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@avgtechnologies.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnbc.112.2o7[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt


Malware: Cookie.AdBureau

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@inl.adbureau[1].txt


Malware: Cookie.Adrevolver

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@adrevolver[3].txt

=>C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[1].txt


Malware: Cookie.BS.Serving-Sys

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt


Malware: Cookie.DealTime

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@dealtime[2].txt

=>C:\Documents and Settings\Owner\Cookies\owner@stat.dealtime[2].txt


Malware: Cookie.DomainSponsor

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@landing.domainsponsor[1].txt


Malware: Cookie.Mediaplex

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt


Malware: Cookie.PointRoll

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt


Malware: Cookie.Statcounter

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt


Malware: Cookie.Trafficmp

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt


Malware: Cookie.WindowsMedia

Status: Deleted

=>C:\Documents and Settings\Owner\Cookies\owner@serviceswitching[1].txt

=>C:\Documents and Settings\Owner\Cookies\owner@windowsmedia[1].txt


----[ Files Still Infected ]------------


Malware: Rootkit.10778

Status: Disinfect Failed

C:\WINDOWS\system32\wdmaud.sys
Posted 1/6/2009 8:03 AM
#70772

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Hello :smile:

Please upload and have this file scanned:

C:\WINDOWS\system32\wdmaud.sys

Here:

https://virusscan.jotti.org/
https://www.virustotal.com/en/indexf.html

Post back the results

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 1/19/2009 10:48 PM
#71424

Rafe K Member

Date Joined Nov 2016
Total Posts: 2
Sorry, I had to leave my home computer for a few weeks. I am back here for the moment and I cannot access either of those sites; I come up with a server error. Directly after a virus scan and fix I can use my internet normally, except I cannot access any security-related sites except this one.