Awesome, so what about the ones that actually are infected, anything I can do about those?

c:\WINDOWS\SYSTEM\prutjct.exe Infected: Trojan-Spy.Win32.VB.eh
c:\WINDOWS\Q38118.com/DIAL.EXE Infected: Trojan-Dropper.DOS.Rute
c:\WINDOWS\Q38118.com Infected: Trojan-Dropper.DOS.Rute

You can delete those to ofcourse , i believe Merlin also said that.


Youre almost there When you deleted those entry's , can you post a new kaspersky log and HJT log to see if youre clean?

Ive deleted everything possible but I have a question, after my comp runs for a few hours it seems to get really choppy, like if a sound has to play it freezes for a sec, and its delayed so much my clock is like an hour behind from it doing it, its fine soon as I boot up but then it just seems to get worse and worse, could I have missed something?

Hey Osiris,

Gee your almost there, you must be really excited :lol: Make sure to post the logs for Joe to make sure you're clean, then you are probably going to want to defrag your system.

TTFN

T

Scan Statistics:
Total number of scanned objects: 43912
Number of viruses found: 16
Number of infected objects: 24
Number of suspicious objects: 0
Duration of the scan process: 4285 sec

Infected Object Name - Virus Name
c:\WINDOWS\SYSTEM\veev35b9.dll Infected: not-a-virus:AdWare.Veevo.b
c:\WINDOWS\SYSTEM\pdf107.dll Infected: not-a-virus:AdWare.Veevo.b
c:\WINDOWS\SYSTEM\pdfupd.dll Infected: not-a-virus:AdWare.Veevo.b
c:\WINDOWS\SYSTEM\vidctrl\vidctrl.exe Infected: not-a-virus:AdWare.DelphinMediaViewer.f
c:\WINDOWS\SYSTEM\m67m.oc$ Infected: not-a-virus:AdWare.MediaMotor.h
c:\WINDOWS\SYSTEM\HDPlugin1019.dl$ Infected: not-a-virus:AdWare.Gator.1019
c:\WINDOWS\SYSTEM\WinServAdX.dl$ Infected: not-a-virus:AdWare.WinAD.f
c:\WINDOWS\SYSTEM\wincoreak.dll Infected: not-a-virus:AdWare.Coreak
c:\WINDOWS\SYSTEM\unregister.exe Infected: not-a-virus:AdWare.ToolBar.VB.f
c:\WINDOWS\SYSTEM\prutjct.exe Infected: Trojan-Spy.Win32.VB.eh
c:\WINDOWS\Local Settings\Application Data\bp12.exe/data0002 Infected: not-a-virus:AdWare.FlashEnhancer.b
c:\WINDOWS\Local Settings\Application Data\bp12.exe Infected: not-a-virus:AdWare.FlashEnhancer.b
c:\WINDOWS\Q38118.com/DIAL.EXE Infected: Trojan-Dropper.DOS.Rute
c:\WINDOWS\Q38118.com Infected: Trojan-Dropper.DOS.Rute
c:\My Documents\My PSP8 Files\Workspaces\grad\purevolume\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616
c:\My Documents\My PSP8 Files\Workspaces\grad\purevolume\mirc616.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616
c:\Program Files\Common Files\Uninstall Information\RemoveDisplayUtility.exe Infected: not-a-virus:AdWare.DelphinMedia.Viewer.f
c:\Program Files\Common Files\Java\flacpy.cfg Infected: not-a-virus:AdWare.FlashEnhancer.b
c:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614
c:\Program Files\Ares\My Shared Folder\setup.exe/data0010/NHInstall.exe Infected: not-a-virus:AdWare.NavExcel.d
c:\Program Files\Ares\My Shared Folder\setup.exe/data0010 Infected: not-a-virus:AdWare.NavExcel.d
c:\Program Files\Ares\My Shared Folder\setup.exe Infected: not-a-virus:AdWare.NavExcel.d
c:\Program Files\tvs\BPCv2.Plugins.dll Infected: not-a-virus:AdWare.Broadcap.d
c:\MIRC\MIRC.EXE Infected: not-a-virus:Client-IRC.Win32.mIRC.91

Scan process completed.

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/k...bscan_ansi.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37240.cab

I just deleted the stuff from Ares so that is gone.

:smiley: Osiris,

That scan looks clean to me, I am going to mark this one Fixed! Let us know if you have any further problems with this.

TTFN

LGW

Marked as Fixed.