Member Avatar for pookie24680

Hi Everyone,

This is my first post and I'm hoping that I can get some advice on how to get rid of the viruses/trojans that are in my laptop.

I realized that my desktop background was locked out and was able to find this helpful thread:
http://www.daniweb.com/techtalkforums/thread36931.html

I followed the instructions and was able to access my desktop background again.

I have also been experiencing a pop up informing me of a virus in the taskbar and that I should run my anti virus program. I downloaded the AVG Anti-Virus program and the below is the log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:21:10 AM 1/29/2007

+ Scan result:

HKLM\SOFTWARE\IEagent -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\143 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\206 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\339 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\348 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\387 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\675 -> Adware.ClearSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\IEagent\757 -> Adware.ClearSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Local Settings\Temp\cd_clint.dll -> Adware.Cydoor : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Error during cleaning.
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Windows installer -> Adware.PestTrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\IE Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\IE Security\BlockedLocations -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies\Allowed -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Process Security\Policies\Restricted -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Scan -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\System Security -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKU\S-1-5-21-3945038207-276729148-93218849-1006\Software\PestTrap\Updates -> Adware.Pesttrap : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents.1 -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CLSID -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CurVer -> Adware.VirtuMonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\webHancer -> Adware.WebHancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\webHancer\CC -> Adware.WebHancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ssqon.dll -> Downloader.ConHook.l : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ntsystem.exe -> Hijacker.Agent.hg : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-22213be0-6ba2efc3.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\Eug\Application Data\55185.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
C:\winstall.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
[3688] C:\Documents and Settings\Eug\Application Data\55185.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
[624] C:\winstall.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.137:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.189:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.294:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.306:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.472:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.90:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.93:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.94:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Eug\Cookies\eug@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.427:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.428:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.429:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.15:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.19:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.20:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.21:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.420:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.421:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.319:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.320:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.321:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.322:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.323:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Eug\Cookies\eug@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.52:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.53:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.312:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.313:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.314:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.176:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.175:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.400:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.24:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.80:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.81:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.82:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.83:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.33:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.34:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.37:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.39:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.40:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.369:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.370:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.371:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.443:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.486:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.487:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.489:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.490:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.491:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.387:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.388:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.363:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.364:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.368:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.397:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.398:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.415:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.416:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.417:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.88:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.276:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.75:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.76:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.77:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.79:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.10:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.8:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.9:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.242:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.243:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.244:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.143:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.144:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.145:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.146:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.147:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.148:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.149:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.150:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.151:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.329:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.330:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.331:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.423:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.424:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.425:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.18:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.27:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.223:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.207:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.208:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.209:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.210:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.211:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.212:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.233:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.234:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.235:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.236:C:\Documents and Settings\Eug\Application Data\Mozilla\Firefox\Profiles\ybjxmobg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\SYSTEM32\ntoskrnl.dll -> Trojan.Agent.rx : Cleaned with backup (quarantined).


::Report end

--------------------------------------------------------------------------

I have also attached my hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 7:32:11 AM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis\HijackThis.exe

O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

/tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -

http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control

Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -

C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program

Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program

Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program

Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Mrfs80b5porh - Unknown owner -

C:\WINDOWS\system32\drivers\drvnddm.sys (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program

Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - IntelĀ® Corporation - C:\Program

Files\Intel\Wireless\Bin\WLKeeper.exe

-----------------------------------------------------------------------------

When I restarted my laptop, the virus seems to be gone. I think it might have gone into quarantined. But how do I make sure that it is really gone?

Any help would be much appreciated!!! :cheesy:

Thank you.

  • 3 Contributors
  • 5 Replies
  • 149 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by pookie24680
Member Avatar for pip22

Delete them all from the 'quarantined' area of AVG -- don't use AVG so can't be more specific. Just go through AVG's settings and options till you find the quarantined section. Delete all.

In future, when your antivirus finds any infections it's best to always choose 'Delete' if it's offered. No point in healing or quarantining useless virus files. None of them are likely to be vital Windows files. They are just virus-files pretending to be genuine Windows files. That's how most viruses propogate these days.

Two things you should now do in this order:

1. Delete all your existing 'Restore Points" used by System Restore if you have Windows XP. The reason is that those viruses could have been backed up inside a Restore Point before you found them. They are harmless in there UNTIL you do a System Restore in the near future, in which case you'll simply be putting them back where you just got rid of them! To delete all restore points: Control Panel->System->System Restore tab. Tick the little box to turn off SR and click 'Apply". and all restore points will be deleted. Now UNtick to turn SR back on. Click OK.

2. Now update your AV program and do another full and thorough scan.

Member Avatar for PhilliePhan

2. Now update your AV program and do another full and thorough scan.

Flushing System Restore might be a bit hasty since AVG Anti-spyware did not show and infected restore points - If the scan is done properly, it should show them.

Also, it's pretty difficult to update an AV program when none exists on your machine!! Not a safe way to go! See my linky below for some good and FREE options (including AVG Free). Install one! (AVG Anti-spyware is NOT an AV app)

While you are at it, update your Java as per the instructions in the linky! That way you are less likely to get hit again by Vundo and other baddies....

PP :)

Member Avatar for pookie24680

Thank you pip22 and PP for your advice - very much appreciated.

pip22 - I have followed your 2 suggestions and after rebooting the laptop, the virus does not show up on the taskbar anymore.

PP - I also followed your link and installed the AV as well as the Java program.

I was wondering - is there a way to make sure that my computer is virus free?

Logfile of HijackThis v1.99.1
Scan saved at 6:45:25 PM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\utorrent.exe
C:\HiJackThis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mrfs80b5porh - Unknown owner - C:\WINDOWS\system32\drivers\drvnddm.sys (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - IntelĀ® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Thank you.

Member Avatar for PhilliePhan

I was wondering - is there a way to make sure that my computer is virus free?

I suggest looking at both of my links below for good tips, etc....

If you feel the need, try the Kaspersky Online Scan listed in my Self-help steps.

Definitely install Spyware Blaster and ZoneAlarm Firewall. Both are in my Protect Yourself linky.

O23 - Service: Mrfs80b5porh - Unknown owner - C:\WINDOWS\system32\drivers\drvnddm.sys (file missing) I am not sure about this HJT entry - You may want to investigate further. The file may not be missing / may even be legit...

Also, be careful with the BitTorrent and what you download. Lotta people get baddies that way. In many forums, we see "repeat customers" due to this and there is now an ongoing discussion among those of us who volunteer our free time in these forums as to whether we want to waste that time on people who are just going to get reinfected.......

Best :)
PP

Member Avatar for pookie24680

Thanks everyone for your help! :mrgreen:

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.