Trojan
Results 1 to 3 of 3

Thread: Trojan

  1. #1
    Registered User Ky.Rose's Avatar
    Join Date
    May 2003
    Posts
    45

    Question Trojan

    I ran StopSign Threat Scanner and it said I had a Trojan.DownLoad.12944: Virus in my
    system volume information\_restore and I was wanting to know how to remove it ? Here is a copy of the scan I have Win XP

    1 Virus infection(s):
    Infection Name: Type: Status:
    Trojan.DownLoad.12944 Virus Infected



    more...
    24 Spyware, Adware and other infection(s):
    Infection Name: Type: Status:
    Date Cookie Spyware Cookie Infected
    MediaPlex Cookie Spyware Cookie Infected
    QuestionMarket Cookie Spyware Cookie Infected
    WebtrendsLive Cookie Spyware Cookie Infected
    more...
    Full Virus Scan Details:

    Trojan.DownLoad.12944: Virus
    c:\system volume information\_restore{2711c854-b028-4acc-86a0-0319e470c27f}\rp782\a0067549.dll is Infected.
    Full Spyware, Adware, and Other Threat Details:

    AdDynamix Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt is Infected.
    AdServer Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@wjadserver[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[10].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[4].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[5].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[6].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[7].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[8].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[9].txt is Infected.
    Ads-Track Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@login.tracking101[2].txt is Infected.
    AngelFire Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@angelfire[1].txt is Infected.
    Bluestreak Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt is Infected.
    CoreMetrics Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@data.coremetrics[1].txt is Infected.
    Coupons Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@couponbar.coupons[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@print.coupons[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@print.coupons[3].txt is Infected.
    Date Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@technixupdate[2].txt is Infected.
    FastClick Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt is Infected.
    MediaPlex Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt is Infected.
    MediatrackRevenue Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt is Infected.
    Omniture Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wakywgdjgbp.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wck4sncjabp.stats.esomniture[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wck4sncjabp.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wck4sncjabp.stats.esomniture[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfl4qocjwdp.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfliciczwap.stats.esomniture[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wgkiqjd5aao.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6whkoqhcjwep.stats.esomniture[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjkokgazwko.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjkyolc5who.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjlywocpkho.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjnyqicpikp.stats.esomniture[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wmkoamdzeco.stats.esomniture[2].txt is Infected.
    PointRoll Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[3].txt is Infected.
    Program.PopcapLoader.4: Riskware Program
    c:\program files\skilljam technologies\secure player\uninstall.exe:SkillJamLoader.dll is Infected.
    c:\documents and settings\all users\application data\skilljam\secureplayer\skilljamloader.dll is Infected.
    QuestionMarket Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt is Infected.
    RealMedia Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@247realmedia[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@247realmedia[4].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@network.realmedia[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@realmedia[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@realmedia[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@realmedia[4].txt is Infected.
    StatCounter Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@stat.onestat[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@stat.onestat[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@statcounter[2].txt is Infected.
    Tracking Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@2o7[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@americanexpress.122.2 o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@blockbuster.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@electronicarts.112.2o 7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@electronicarts.112.2o 7[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@electronicarts.112.2o 7[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@ge.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@ge.112.2o7[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@guthyrenker.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@ldproducts.122.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@medhelpinternational. 112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@microsoftwlsearchcrm. 112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@microsoftwlsearchcrm. 112.2o7[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@paypal.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@paypal.112.2o7[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@radarnetworks.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@samsclub.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@snapfish.112.2o7[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@waterfrontmedia.112.2 o7[1].txt is Infected.
    Trafficmp Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@cache.trafficmp[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@cache.trafficmp[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@cache.trafficmp[3].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt is Infected.
    TribalFusion Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[3].txt is Infected.
    WebtrendsLive Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@webtrends.chase[1].txt is Infected.
    C:\Documents and Settings\Owner\Cookies\owner@webtrends.chase[2].txt is Infected.
    Zedo Cookie: Spyware Cookie
    C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt is Infected.
    iWon Toolbar Application: Spyware Program
    HKCR\Interface\{83654582-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKCR\Interface\{83654583-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKCR\Interface\{83654584-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKCR\Interface\{83654585-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKLM\SOFTWARE\Classes\Interface\{83654582-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKLM\SOFTWARE\Classes\Interface\{83654583-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKLM\SOFTWARE\Classes\Interface\{83654584-4333-11D5-B0DF-0050DAC24E8F} is Infected.
    HKLM\SOFTWARE\Classes\Interface\{83654585-4333-11D5-B0DF-0050DAC24E8F} is Infected


    Thanks For Any Help !!!

  2. #2
    Super Moderator Ferrit's Avatar
    Join Date
    Apr 2001
    Location
    Vancouver Island The Real Canada
    Posts
    4,915
    Ok first thing you need is to shut off the system restore for the cleaning process.
    Right click My Computer and choose Properties.
    At the top is a tab called Restore. Click it and then Turn off for C drive and click Apply.
    Then download both
    Malwarebytes
    http://www.malwarebytes.org/mbam.php
    Spybot Search and Destroy.
    http://fileforum.betanews.com/downlo...y/1043809773/1
    Install them,
    Update them then reboot to safemode and scan with them.
    Oh and by the way I would believe nothing Stop Sign threat scanner tells me.
    Use the above scanners,they are likely the best.
    Gigabyte 990XA-UD3
    AMD FX 8350 4ghz OCTO-Core
    Windows 8.1 PRO 64
    Adata 256 gig SSD
    Kingston HyperX 1600 32 Gigs
    Sapphire 7770 1gig
    Enermax Liberty Modular 620
    www.northernaurora.net
    http://www.northernaurora.net/page/chat.html

  3. #3
    Driver Terrier NooNoo's Avatar
    Join Date
    Dec 2000
    Location
    UK
    Posts
    31,843
    According to Spywarewarrior.net Stop-sign are now behaving themselves... it might be a false positive Rose... Follow ferrit's suggestion (don't have them both scanning at the same time!) and then if it finds nothing in safe mode, do it again in normal mode.

    With malwarebytes you have to tell it to do a slow scan (which means everything) the quick scan can miss things.

    Post the malwarebytes log if it finds anything... it will create one automatically.
    Never, ever approach a computer saying or even thinking "I will just do this quickly."

Similar Threads

  1. Replies: 0
    Last Post: September 21st, 2005, 03:11 AM
  2. trojan or boot sector virus?
    By cypherth in forum Spyware & Antivirus - Security
    Replies: 3
    Last Post: February 9th, 2005, 04:05 PM
  3. possible trojan
    By freddy in forum Spyware & Antivirus - Security
    Replies: 3
    Last Post: December 21st, 2003, 04:16 AM
  4. Which trojan?
    By ilovetheusers in forum Tech-To-Tech
    Replies: 12
    Last Post: September 30th, 2002, 03:20 PM
  5. Error on startup
    By jasonflorida1 in forum Tech-To-Tech
    Replies: 5
    Last Post: October 12th, 2000, 08:34 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •