Infected with viruses - delete failed

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by SRBast, Jul 18, 2004.

  1. SRBast

    SRBast Specialist

    So I run my Norton Anti-Virus like a good girl. It brings up things that I should delete, but the delete fails or something else goes wrong and I wind up ending my session with "Your computer is still infected with viruses." I have clicked on the threatening virus which takes me to a website which tells me in no simple terms how to delete them. It all seems very dangerous and a lot of work to go through each one this way.

    I have Windows XP. I have run AdAware and SpyBot Search and Destroy to no avail. I have pasted the offending files below. Please let me know how to get rid of them!!! Thank you, Stephanie.

    ,Threat category: AdwareSource: C:\WINDOWS\preInsTT.exe,Description: The file C:\WINDOWS\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\krwv.exe,Description: The file C:\WINDOWS\krwv.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\alchem.exe,Description: The file C:\WINDOWS\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_part2.pif,Description: The compressed file message_part2.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_details.pif,Description: The compressed file message_details.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: preInsTT.exe,Description: The compressed file preInsTT.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: twaintec.dll,Description: The compressed file twaintec.dll within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: alchem.exe,Description: The compressed file alchem.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\preInsTT.exe,Description: The file C:\WINDOWS\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\krwv.exe,Description: The file C:\WINDOWS\krwv.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\Downloaded Program Files\jao.dll,Description: The file C:\WINDOWS\Downloaded Program Files\jao.dll is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\alchem.exe,Description: The file C:\WINDOWS\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_part2.pif,Description: The compressed file message_part2.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_details.pif,Description: The compressed file message_details.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: preInsTT.exe,Description: The compressed file preInsTT.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: twaintec.dll,Description: The compressed file twaintec.dll within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: alchem.exe,Description: The compressed file alchem.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.cab is a Adware threat.
    ,Threat category: VirusSource: old_photos.zip,Description: The email attachment old_photos.zip within Unknown00000000.data is infected with the     W32.Netsky.P@mm virus.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_part2.pif,Description: The compressed file message_part2.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_details.pif,Description: The compressed file message_details.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: preInsTT.exe,Description: The compressed file preInsTT.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: twaintec.dll,Description: The compressed file twaintec.dll within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: alchem.exe,Description: The compressed file alchem.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\wsem218.dll,Description: The file C:\WINDOWS\wsem218.dll is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\system32\twugck.exe,Description: The compressed file twugck.exe within C:\WINDOWS\system32\twugck.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\system32\twugck.exe,Description: The file C:\WINDOWS\system32\twugck.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\preInsTT.exe,Description: The file C:\WINDOWS\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\polmx.exe,Description: The compressed file polmx.exe within C:\WINDOWS\polmx.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\polmx.exe,Description: The file C:\WINDOWS\polmx.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\krwv.exe,Description: The file C:\WINDOWS\krwv.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\WINDOWS\alchem.exe,Description: The file C:\WINDOWS\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_part2.pif,Description: The compressed file message_part2.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: VirusSource: {6BE63F2A-2DA5-49F0-BD54-455F01A0B652}\Message Store\Attachments\message_details.pif,Description: The compressed file message_details.pif within C:\Documents and Settings\David & Stephanie\My Documents\IncrediMail Data.cab is infected with the     W32.Netsky.D@mm virus.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: preInsTT.exe,Description: The compressed file preInsTT.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: twaintec.dll,Description: The compressed file twaintec.dll within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.exe,Description: The compressed file polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.exe is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: polmx.exe,Description: The compressed file polmx.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\polmx.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\FLEOK\msbb.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: alchem.exe,Description: The compressed file alchem.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.cab is a Adware threat.
    Source: c:/windows/nem219.dll,Description: C:\PROGRA~1\Lavasoft\AD-AWA~1\Cache\627966
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt,Description: The compressed file nem219[1].txt within C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt is a Adware threat.
    ,Threat category: VirusSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt is infected with the Bloodhound.Packed virus.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.dll is a Adware threat.
    ,Threat category: AdwareSource: polall1t.exe,Description: The compressed file polall1t.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: preInsTT.exe,Description: The compressed file preInsTT.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: twaintec.dll,Description: The compressed file twaintec.dll within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\twaintec.cab is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\preInsTT.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\THI7CF2.tmp\polall1t.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.exe is a Adware threat.
    ,Threat category: AdwareSource: alchem.exe,Description: The compressed file alchem.exe within C:\Documents and Settings\David & Stephanie\Local Settings\Temp\alchem.cab is a Adware threat.
    Source: C:\WINDOWS\nem219.dll,Description: C:\WINDOWS\nem219.dll
    Source: C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt,Description: C:\Documents and Settings\David & Stephanie\Local Settings\Temporary Internet Files\Content.IE5\50O39XOH\nem219[1].txt
    ,Threat category: AdwareSource: C:\WINDOWS\Downloaded Program Files\bridge.dll,Description: The file C:\WINDOWS\Downloaded Program Files\bridge.dll is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\ClearSearch\Loader.exe,Description: The file C:\Program Files\ClearSearch\Loader.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\Bargain Buddy\bin\bargains.exe,Description: The file C:\Program Files\Bargain Buddy\bin\bargains.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\Bargain Buddy\bin\apuc.dll,Description: The file C:\Program Files\Bargain Buddy\bin\apuc.dll is a Adware threat.
    ,Threat category: AdwareSource: C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe,Description: The file C:\Documents and Settings\David & Stephanie\Local Settings\Temp\cdt_bbi8016.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    Source: C:\Documents and Settings\David & Stephanie\Local Settings\Application Data\IM\Runtime\Message\{E1E0EEF6-FA6C-4E28-A96C-AEB0067BDBD2}\Show\hvdby1.exe
    Source: C:\Documents and Settings\David & Stephanie\Local Settings\Application Data\IM\Runtime\Message\{02BF53C2-4633-4B7E-B79C-F1D61D1E42BB}\Show\hfcrg1.bat
    Source: C:\Documents and Settings\David & Stephanie\Local Settings\Application Data\IM\Identities\{C218FCDF-87BB-4287-A602-7006D12EF25D}\Message Store\Attachments\Q428474.exe
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL,Description: The file C:\RECYCLER\S-1-5-21-2072854403-2559755613-73389121-1005\Dc93.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\WebSavingsfromEbates\System\Code\Main.class,Description: The file C:\Program Files\WebSavingsfromEbates\System\Code\Main.class is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\RVP\bpc.exe,Description: The file C:\Program Files\RVP\bpc.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL,Description: The file C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\RVP\bpc.exe,Description: The file C:\Program Files\RVP\bpc.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL,Description: The file C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL is a Adware threat.
    ,Threat category: VirusSource: file.pif,Description: The email attachment file.pif within Unknown00000000.data is infected with the     W32.Novarg.A@mm virus.
    ,Threat category: VirusSource: file.pif,Description: The email attachment file.pif within Unknown00000000.data is infected with the     W32.Novarg.A@mm virus.
    ,Threat category: VirusSource: test.pif,Description: The email attachment test.pif is infected with the     W32.Novarg.A@mm virus.
    ,Threat category: VirusSource: body.zip,Description: The email attachment body.zip is infected with the     W32.Novarg.A@mm virus.
    ,Threat category: AdwareSource: C:\Program Files\WebSavingsfromEbates\System\Code\Main.class,Description: The file C:\Program Files\WebSavingsfromEbates\System\Code\Main.class is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\RVP\bpc.exe,Description: The file C:\Program Files\RVP\bpc.exe is a Adware threat.
    ,Threat category: AdwareSource: C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL,Description: The file C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL is a Adware threat.
     
    SRBast, Jul 18, 2004
    #1
  2. TheLastMessenger

    TheLastMessenger Private E-2

    Well, you got a bunch of good stuff on there... Did you run all the programs correctly and delete all the files? Heres a basic how to...

    First do these free online scans and post what it picked up, plus delete those that are found:
    http://housecall.trendmicro.com/housecall/start_corp.asp
    http://www.pandasoftware.com/activescan/com/activescan_principal.htm

    Second Step is to make sure you have all the SpywarePrograms below Downloaded (Make sure you download them all to your ProgramFiles NOT Temporary) and UPDATE THEM!!

    Download Microsofts Critial Updates and Patches:
    http://v4.windowsupdate.microsoft.com/en/default.asp

    Then do this:
    Showing hidden files; follow step by step:
    http://www.xtra.co.nz/help/0,,4155-1916458,00.html

    Disable System Restore:
    http://www.pchell.com/virus/systemrestore.shtml
    If you got 2000 -- don't worry about System Restore:
    http://www.cts.duq.edu/content_pages/students/s_virus/s_virus_xprestore.html

    Boot in safe mode: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406/

    Try running AdAware in safe mode --- Make sure you've already gotten the latest UPDATES (Open, then press the Check for Updates button) and apply the following settings:
    This is where you get Adaware --- http://www.majorgeeks.com/download506.html
    This is a link on how to run it --- http://www.lavahelp.com/howto/fullscan/index.html --- Or You can use the instructions here:
    Click on Start -- custom scanning options -- Customize.
    Check the following settings:
    Scan within archives
    Scan active processes
    Scan registry
    Deep scan registry
    Scan my IE Favorites for banned URL
    Scan my host-file
    Click on Tweak:
    Select -- Scanning Engine
    Check "Unload recognized processes during scanning"
    Check "Include additional Adaware settings in LogFile"
    Select -- Cleaning Engine
    Check "Automatically try to unregister objects prior to deletion" and "Let windows remove files in use at next reboot"
    Then click "proceed" to save your settings.
    Click on Next then Scan. Everything AdAware finds is safe to delete.

    Run SpyBot Search and Destroy --- Make sure you have gotten the latest UPDATES (Open, then Search for Updates button)
    This is where you get SpyBot --- http://www.majorgeeks.com/download2471.html

    Empty your Temporary Internet Files and history in Internet Options. And clean out your
    %Userprofile%\Local Settings\Temp
    folder. You can also use Crapcleaner to help you clear out some stuff:
    This is where you get ccleaner --- http://www.majorgeeks.com/download4191.html

    Reboot

    Enable System Restore

    Run HJT and POST log --- Make sure you have the latest Updates/Versions (Open, Config, then MiscTools, and Check for Updates Online)
    This is where you get HJT --- http://www.majorgeeks.com/download3155.html

    There are also many other programs here that are very useful
    http://forums.majorgeeks.com/index.php?

    FOR FUTURE SECURITY
    Download freeware here:
    http://www.javacoolsoftware.com/spywareblaster.html
     
    TheLastMessenger, Jul 18, 2004
    #2
  3. SRBast

    SRBast Specialist

    Holy Crap! Thanks for the in-depth reply. I'll have to tackle this tomorrow since it's so involved. Thank you. BTW, when you say "if you have 2000, don't worry about it" do you mean Windows 2000 or a program. I have Windows XP, so I'm assuming that I have to disable System Restore.

    Thanks again,
    Stephanie
     
    SRBast, Jul 18, 2004
    #3
  4. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    More importantly, do this while disconnected and you can remove quite a few things there from add\remove programs. Looks like TheLastMessenger has you covered. Thats a lot of items!
     
    Major Attitude, Jul 18, 2004
    #4
  5. SRBast

    SRBast Specialist

    Hey M.A.,
    What do you mean by disconnected? From the Internet? From my Network? Can you explain it to me as though I'm computer dumb? Which I am...but slowly getting better thanks to MG :)

    Stephanie
     
    SRBast, Jul 18, 2004
    #5
  6. TheLastMessenger

    TheLastMessenger Private E-2

    You will be doing system restore since your in XP... the instructions are there. Also Major Attitude has made the right correction, it would be better to be disconnected.
     
    TheLastMessenger, Jul 18, 2004
    #6
  7. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    If your on dialup, dont connect. If you are on broadband, when going to safe mode choose "safe mode without networking" and that will disable your network card and keep you off the net :)

    Its not a huge deal, its just another of those things to be cautious about.
     
    Major Attitude, Jul 18, 2004
    #7
  8. SRBast

    SRBast Specialist

    Gotcha. I'll let you know how it goes. :)
     
    SRBast, Jul 19, 2004
    #8
  9. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    If they do not delete, it is probably because they are running. Windows can not delete a file that is in use. Heres an example using one of your files that will not delete:

    Your program can not delete alchem.exe. Hit the ctrl, alt and delete keys at the same time and task manager will come up. Go to the process tab, find alchem.exe, click on it and press the end process button. Now, you should be able to delete it :)
     
    Major Attitude, Jul 19, 2004
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds