Home > General > Pancolp.com

Pancolp.com

Back to top #5 troy152 troy152 Topic Starter Members 8 posts OFFLINE Local time:02:58 PM Posted 17 December 2008 - 12:49 PM Malwarebytes' Anti-Malware 1.31 Database version: 1508 Windows 5.1.2600 Repeat as many times as necessary to remove each Java versions. But I saw it should be used after your advice. bricat View Public Profile Send a private message to bricat Find all posts by bricat Bookmarks Digg del.icio.us StumbleUpon Google Facebook « Previous Thread | Next Thread » Thread Tools Show

There is no option to clean/disinfect, however, we need to analyze the information on the report. Graphics & Imaging Music & audio Video & CGI Hardware Tablets, smartphones and e-readers Computer components and accessories Other Hardware All C:\WINDOWS\system32\zodawadi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. Click View scan report at the bottom. http://www.pancolp.com/

C:\WINDOWS\system32\ezusuyep.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. Please have a look. O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. bricat View Public Profile Send a private message to bricat Find all posts by bricat #3 03-12-08, 14:59 blueshuki Newbie Join Date: Dec 2008 Posts: 9 Re: pop HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\pornpro.pornpro_bho (Adware.PlayaZ) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\pornpro.pornpro_bho.1 (Adware.PlayaZ) -> Quarantined and deleted successfully. or read our Welcome Guide to learn how to use this site. Once the license is accepted, reset to 100%. =========== Run DDS again and post DDS.txt in your reply. =========== Logs Required C:\Combofix.txt Kaspersky Scan Report DDS.txt How is your system running Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 下午 10:54:49, on 2008/12/3 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe

Back to top #9 troy152 troy152 Topic Starter Members 8 posts OFFLINE Local time:02:58 PM Posted 18 December 2008 - 06:40 AM I went to Start/control panel/but no software and Referring to the picture above, drag CFScript.txt into ComboFix.exe. Press the OK button to close that box and continue. HKEY_CLASSES_ROOT\main.bho (Trojan.BHO) -> Quarantined and deleted successfully.

Click Exit on the Main menu to close the program. ========= Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner Click Accept, when prompted http://forum.webuser.co.uk/showthread.php?t=78841 c:\WINDOWS\system32\fugikubu.dll (Trojan.Vundo) -> Delete on reboot. C:\Documents and Settings\All Users\Start Menu\Programs\Ascentive (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\main.bho.1 (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully. Find all posts by Vegas #3 03-12-08, 23:03 bricat Global Moderator Join Date: Jun 2003 Location: belfast Posts: 34,622 Re: pop ups (pancolp.com, pantomi.com, precata.com) please don't reply C:\System Volume Information\_restore{705F393B-7BA4-487A-8373-6B62B26D1958}\RP495\A0048279.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully. If you have Firefox installed: Click Firefox at the top and choose: Select All Click the Empty Selected button.

Click here to Register a free account now! All Rights Reserved. Can you please tell me what my weakness is on my system? Die hier angezeigten Sponsored Listings werden von dritter Seite automatisch generiert und stehen weder mit dem Domaininhaber noch mit dem Dienstanbieter in irgendeiner Beziehung.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\buguretu.dll -> Quarantined and deleted successfully. I drag it in and combofix did start automatically. c:\program files\INSTALL.LOG c:\windows\Downloaded Program Files\setup.inf c:\windows\system32\dijipire.dll c:\windows\system32\fufakili.dll c:\windows\system32\giveyaha.dll c:\windows\system32\giwasabu.dll c:\windows\system32\gomebomu.dll c:\windows\system32\jawepuwa.dll c:\windows\system32\jomoziyi.dll c:\windows\system32\kekiyala.dll c:\windows\system32\madudori.dll c:\windows\system32\mcrh.tmp c:\windows\system32\mekawiba.dll c:\windows\system32\pimimoso.dll c:\windows\system32\siruguhu.dll c:\windows\system32\vizalodu.dll c:\windows\system32\zibuyubo.dll D:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2008-11-11 to 2008-12-11 ))))))))))))))))))))))))))))))) .

After removing and rebooting, here is the new HJT report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:58:12 PM, on 12/3/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet

C:\Program Files\Common\helper.dll (Trojan.BHO) -> Quarantined and deleted successfully. If you have Opera installed: Click Opera at the top and choose: Select All Click the Empty Selected button. C:\WINDOWS\system32\kafehera.dll (Trojan.Vundo) -> Quarantined and deleted successfully. bricat View Public Profile Send a private message to bricat Find all posts by bricat #4 04-12-08, 03:11 Vegas Newbie Join Date: Dec 2008 Location: Florida Posts: 5

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:40:18 PM, on 2008/12/3 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe Reboot your computer once all Java components are removed. Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application.

    [*]Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Copyright Dennis Publishing 2010, All rights reserved Toggle navigation Premium Domains Transfer Features Login Sign Up Interested in domain names?

    Make sure it is set to Instant Notification, then click Subscribe. ======== Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. C:\Program Files\DomPlayer (Trojan.Lop) -> Quarantined and deleted successfully. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\risumega.dll -> Quarantined and deleted successfully.

    is your router firewall set up? If you are not this user, do NOT follow these directions as they could damage the workings of your system. Completion time: 2008-12-10 22:18:15 - machine was rebooted ComboFix-quarantined-files.txt 2008-12-11 03:17:43 Pre-Run: 9,172,054,016 bytes free Post-Run: 20,028,960,768 bytes free 212 --- E O F --- 2008-11-12 01:18:21 I ran DDS again...txt