« previous next »
Pages: [1]   Go Down

Author Topic: Please help - Computer infected  (Read 3538 times)

0 Members and 1 Guest are viewing this topic.

hardcoreholly

  • Guest
Please help - Computer infected
« on: May 29, 2011, 10:11:03 PM »
I downloaded Avast and now I keep getting a Malicious URL warning. Its always in c/windows/system32/svchost.exe

My browser is hijacked, its really bad in Google, not soyauch in yahoo

I've ran Avast full scan on boot, Malware bytes, and Spybot, and CC CLeaner and deleted everything that came up but it persists.

Problem is after the programs are done they want me to reboot and when I do that it seems to come back full force. Last time the bug modified Avast software on startup.


Please help





Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Please help - Computer infected
« Reply #1 on: May 29, 2011, 10:17:20 PM »
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use Comodo Cleaning Essentials (CCE), or MBAM, or SUPERantispyware to scan for spywares and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Read this instructions and provide more info with the logs generated.
6. Clean your Hosts file (replacing it) with HostsMan tool.
7. Disable System Restore and then reenable it again.
8. Immunize your system with SpywareBlaster.
9. Check if you have insecure applications with Secunia Software Inspector.
Logged
The best things in life are free.

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #2 on: May 29, 2011, 10:23:00 PM »
I;m not understanding how to generate a log.
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: Please help - Computer infected
« Reply #3 on: May 29, 2011, 10:31:55 PM »
Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs here in this topic and not in the guide )


To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI

Logged

Offline Simion

  • Advanced Poster
  • **
  • Posts: 976
Re: Please help - Computer infected
« Reply #4 on: May 29, 2011, 10:33:20 PM »
Quote from: hardcoreholly on May 29, 2011, 10:23:00 PM
I;m not understanding how to generate a log.
For which program?
Logged

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #5 on: May 29, 2011, 10:39:45 PM »
Here is the Malware Scan results


Scan type: Quick scan
Objects scanned: 259629
Time elapsed: 34 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 45
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 27
Files Infected: 383

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{99EB6A92-0CA5-0F34-9473-71862BFA0C2A} (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{46772340-BB40-626C-D3CE-EEBFCE31E724} (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{22FED6C4-395F-D724-C957-0BDCE13FAE84} (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\UltimateContext.PornPro_BHO.1 (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\UltimateContext.PornPro_BHO (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99EB6A92-0CA5-0F34-9473-71862BFA0C2A} (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99EB6A92-0CA5-0F34-9473-71862BFA0C2A} (Adware.UltimateContext) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3AA42713-5C1E-48E2-B432-D8BF420DD31D} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF5C6A80-C938-478C-BC8B-8D7B00788154} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) ->
Logged

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #6 on: May 29, 2011, 10:42:15 PM »
And More



HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2EFF3CF7-99C1-4c29-BC2B-68E057E22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A6573479-9075-4A65-98A6-19FD29CF7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} (Adware.MywaySearch) -> Value: {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} (Adware.MywaySearch) -> Value: {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.3.65.0 (Adware.Zango) -> Value: Zango 10.3.65.0 -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\bradley tausch\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\funwebproducts\Data\bradley tausch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\IESkins (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\HostOI (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\HostOL (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\tooltipxml (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> Quarantined and deleted successfully.
c:\program files\fbrowseradvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
Logged

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #7 on: May 29, 2011, 10:44:33 PM »
and more





c:\program files\screensavers.com\installer\bin (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\installer\Ready (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\installer\temp (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\installer\Upload (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\wallpaper (Adware.Comet) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\bradley tausch\my documents\downloads\audioconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\local settings\temporary internet files\Content.IE5\0EPQBVGM\windows-update-sp3-kb68547-setup[1].exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\local settings\Temp\0.043041056890003926.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\local settings\Temp\0.8902514142080511.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Adobe\plugs\mmc102.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\funwebproducts\Data\bradley tausch\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\funwebproducts\Data\bradley tausch\zbucks.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1003204.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1018775.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\102369.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1035049.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1035209.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1035898.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1042547.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1043399.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1047045.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1050329.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1052531.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1055937.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1055993.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1055998.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1056077.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1056180.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1056305.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1056966.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1057079.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1057390.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1058131.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1059014.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1063425.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1063918.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1066422.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1066594.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1066790.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1139319.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1166828.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1228929.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\124590.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\125037.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1258679.sdf (Adware.Zango) -> Quarantined and deleted successfully.
Logged

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #8 on: May 29, 2011, 10:45:31 PM »

c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1288140.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1298417.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1300790.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1331927.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\134312.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\135259.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385176.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385179.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385217.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385232.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385467.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1385940.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1388487.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1388761.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1400879.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1405661.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\144984.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1560586.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\156424.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\178445.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1785312.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\180552.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1840276.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1848010.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\189779.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1903530.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\1938157.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2070394.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2173031.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\219483.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2208948.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\221540.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\229238.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2313502.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2426392.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2434326.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2451.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\250215.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2548311.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2746161.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\27549.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2785603.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\286877.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2883897.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884302.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884303.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884305.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884306.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884308.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884309.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2884729.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2885061.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2893760.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2894190.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2896108.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2897123.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\2897171.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\322619.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\3240882.sdf (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\bradley tausch\application data\Zango\v3.0\Zango\dynamic\3240891.sdf (Adware.Zango) -> Quarantined and deleted successfully.
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: Please help - Computer infected
« Reply #9 on: May 29, 2011, 10:45:45 PM »
when you post logs you should not cut away anything...... post it all from top to bottom... you may cut out important info

also as i posted above

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach
Logged

hardcoreholly

  • Guest
Re: Please help - Computer infected
« Reply #10 on: May 29, 2011, 11:02:51 PM »
Sorry, I attached it
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: Please help - Computer infected
« Reply #11 on: May 30, 2011, 12:13:53 AM »
see my reply Nr #3 and continue with OTS log

Logged
Pages: [1]   Go Up
« previous next »