Not clean yet :( Help

I have followed the guideline above, and still today, my ZA got a warning on win32.p2p.worm

In the windows system32\bszip.dll

Should I post the hjt log?

I don't have the saved log of when I ran the avg free, but clicked fix or the appropriate action. Then restarted out of safe mode.

Scanned last night with avg and was clean, haven't been online and zone alarm gave me the above warning. I can post a screenshot.

I had alcan worm & sdbot worm and now, I get p2p worm

This laptop has not been on a p2p site, and has does not do adult sites.

I have transfered some software from another machine, but that machine seems to be OK

I do use yahoo IM and T-mobile hotspot

I had trouble a half year ago and posted here...http://forums.majorgeeks.com/showthread.php?t=89502 ... and thought I was clean.

Well last week my ebay account was locked as ebay detected fraudulent activity on my account. I went and changed all password etc, put fraud alert on credit etc. I am totally paranoid now, and haven't even been trusting the AV software companies.

I do know I have gotten exempliary help here at MG, and and trust the knowledge and wisdom of the techs here, even if some of my opinions in other non tech forums may differ.

Anyway, can someone advise on next steps to take. I do not want to hook the laptop online, but can.

Thanks much
Dave

 

If you have followed all the steps below, then attach the requested logs.

 

I couldn't follow all the steps as described

Machine was not online and I had to transfer files from a dial up connection over to the laptop to run stuff.

When I did the scan, I forgot to tic the save log, But I have the log before things got fixed from avg free. After that log, avg fixed those items. Then restarted to normal startup and finished fixing.

Some of the downloaded software would not run without online authentication.

I am not comfortable connecting it still. I get a p2p.worm warning from zone alarm, and I am not online.

I have run many scans all say I am clean, and I still get this zone alarm warning.



I am on my mac for now, and all I will use it until I either get this bunk of the laptop or put a new HD in. I really don't think I should have to install a new hd.

Last night a tech friend and I went through alot of the registry manually, found some odd scripts in dreamweaver registry values, full on java,

I have uninstalled dreamweaver and smart ftp

So with exception to some screenshots and some before logs, and one report, I have none of the above to post except all clean scans.

 

This is what has me worried yet, all scans say I am clean and this happens???

I am not confident it is gone even using the delete from za.

Any help on locating this and removing it permanently, (not quaranteen) would be appreciated.

Thanks and Merry Christmas
Dave

 

screenshot won't attatch

 

You didn't attach these logs?

• Bitdefender - from step 6
• Panda Scan - from step 6
• runkeys.txt - the log from GetRunKey.bat
• newfiles.txt - the log from ShowNew.bat

 

2hours into the bitdefender scan, my laptop shut down. (half way done)

Earlier panda scan was clean I do not see the point in running yet another annoying scan

I don't have a persistant internet connection, starbucks does close up for the night, and I must work during the day. And my other internet is dialup

I attatched what I have, will you or anybody help?

 

That last post was supposed to have the two you mentioned attatched. I must have missed a step in attatching, seems I'm good at missing steps. I noticed it yesterday, and just haven't been able to get to the laptop and remember to add them.

The runkey and shownew. I have those. I will post them soon.

(on my mac now)

Happy New Year!
Dave

 

Here it is hopefully