Sign in to follow this  
Turnitin23

TOO MANY POPUPS!!!!

Recommended Posts

i have attacheed the html file log

Edited by LS CalamityJane
Removed attachment - no longer needed.

Share this post


Link to post
Share on other sites

Ok thanks.

 

Not good news. Is your Antivirus expired?

 

Your PC has been hammered with multiple trojans, all of which are capable of causing severe damage

 

One of the trojans on the report is a keylogger and password stealer so all of your data is at risk that may have been stolen.

 

These are all the infected files that KAV found and need to be deleted, but that will not tell us what damage may have been done to allow the intruder re-access to your PC.

 

C:\814.exe

 

C:\bintheredunthat (folder)

 

C:\Documents and Settings\HP_Owner\Incomplete\Preview-T-4384609-02 Track 2.wma

 

C:\Documents and Settings\HP_Owner\Incomplete\T-4384609-02 Track 2.wma

 

C:\Documents and Settings\HP_Owner\Shared\ <---all files in that folder have been infected. Delete them all

 

C:\QooBox

 

C:\svhost.exe

 

C:\WINDOWS\bak\sys02258405102-1.exe (bak folder? Is that some sort of backup?)

 

C:\WINDOWS\bak\sys11-1258405102.exe

 

C:\WINDOWS\bak\win32102-125840510.exe

 

C:\WINDOWS\em.ocx

 

C:\WINDOWS\Setup90.exe

 

C:\WINDOWS\srvsqyjzfw.exe

 

C:\WINDOWS\system32\bak\wewemb.exe <--This looks like some sort of backups?

 

C:\WINDOWS\system32\ewxcksr.exe

 

C:\WINDOWS\system32\ipv6monl.dll

 

C:\WINDOWS\system32\OTFUZLUVZCGN (folder)

 

C:\WINDOWS\z.exe

 

If you are comfortable and capable of a reformat/reinstall - that would be my advice if you want to trust this computer again. :huh:

 

When should I re-format? How should I reinstall?

http://www.dslreports.com/faq/10063

 

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

Share this post


Link to post
Share on other sites

I know it's not good news but you need to be aware of the risk because of what was infected on your computer

 

You should definitely take a look at link #2 I posted to protect any accounts, data, passwords should all be changed to be safe.

 

If you are not capable of #1, we can clean as best we can, I just can't make any guarantees that something might have been tampered with if your PC was accessed by a remote attacker :(

 

Did you delete those files? Were there any problems deleting any of them?

 

Edit 18 Apr 2007 by CalamityJane: Due to lack of response from the original topic starter, this topic will be archived in the "Resolved" Section (read only), to prevent others with similar issues from posting in it.

 

If anyone else has similar issues, please feel free to start a new topic.

Edited by LS CalamityJane

Share this post


Link to post
Share on other sites
Sign in to follow this