Virus Scan Results:

Run: 6/10/2007 12:54:16 PM

Scanned:
Boot Sector
Boot Sector
All files, including those in archives, on all local hard drives

Results:

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\eied_s7[1].chm.QUAR00
Name: CHM_PSYME.BY
Requested action: Remove potential threat.
Results: Potential threatremoval failed. File containing potential
threat quarantined to folder C:\Documents and
Settings\Doug.HOME-FB03ED6486\Application Data\VCOM\Fix-It\Quarantine

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\eied_s7[1].chm.QUAR01
Name: CHM_PSYME.BY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\eied_s7[1].chm.QUAR02
Name: CHM_PSYME.BY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\eied_s7[2].chm.QUAR00
Name: CHM_PSYME.BY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\kilacln.exe.QUAR00
Name: ADW_UNSPY.A
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and
Settings\Administrator.HOME-4C4A79B7C3\Application
Data\VCOM\Fix-It\Quarantine\56AAFCCA-C0FE-437B-8187-5D681A4572E7.exe.QUAR00
Name: ADW_UNSPY.A
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\6LO3Y1KF\cyber[1].wmf
Name: EXPL_WMF.GEN
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\6LO3Y1KF\test[2].html
Name: HTML_PSYME.AIH
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\8LMNWTIR\ms-counter[1].jar\BaaaaBaa.class
Name: JAVA_BYTEVER.AY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\8LMNWTIR\ms-counter[1].jar\VaaaaaaaBaa.class
Name: JAVA_BYTEVER.AY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\8LMNWTIR\ms-counter[1].jar\Baaaaa.class
Name: JAVA_BYTEVER.AY
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug\Local Settings\Temporary
Internet Files\Content.IE5\YHO38ZOH\in[1].htm
Name: JS_PSYME.ANT
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and
Settings\Doug.HOME-FB03ED6486\Desktop\2file.tmp~
Name: TROJ_Generic.Z
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Temp\ecka.exe~
Name: TROJ_MULP.BN
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Temp\fdnh.exe~
Name: TROJ_MULP.BN
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Temp\svchost.com~
Name: TROJ_FEMAD.AN
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Temporary Internet Files\Content.IE5\G5E3W72H\count[1].htm
Name: JS_WONKA.AK
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Temporary Internet Files\Content.IE5\XWXD5NVG\index[3].htm
Name: JS_SMALL.HEP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\explorer1.exe
Name: TROJ_FEMAD.CQ
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\itigcsp.exe
Name: TROJ_DLENA.BE
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\lo-632622783.exe
Name: TROJ_MULP.BT
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00001.dll
Name: TSPY_SINOWAL.GT
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00002.dll
Name: TSPY_SINOWAL.GT
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\svchost.exe
Name: TROJ_DLOADER.LVW
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\svchost2.exe
Name: TROJ_DLOADER.LVW
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\t12eqweqw3.exe
Name: Possible_MLWR-5
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\Temp\SB1083.exe
Name: TROJ_DLOADER.NEI
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINDOWS\xpupdate.exe
Name: TROJ_AGENT.JAH
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\msiau1.dll
Name: TROJ_Generic
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\rhds.exe
Name: TROJ_AGENT.LMP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\smssa1.dll
Name: TROJ_AGENT.LMP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\system32\ldcore.dll
Name: TROJ_DLOADER.IVD
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\system32\ldcore.dll_tobedeleted_old
Name: TROJ_DLOADER.IVD
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\taskmgr1.dll
Name: TROJ_AGENT.LMP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\uvchost1.dll
Name: TROJ_AGENT.LMP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\WINNT\winlogon1.dll
Name: TROJ_AGENT.LMP
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Found potential threat
In File: C:\xebnmeah.exe
Name: TROJ_DLOADER.IRQ
Requested action: Automatically attempt to remove potential threat from
infected file.
Results: Removal attempt failed. File still infected. See
recommendation below.

Files not scanned:
C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Application Data\Microsoft\Windows\UsrClass.dat
C:\Documents and Settings\Doug.HOME-FB03ED6486\Local
Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
C:\Documents and Settings\Doug.HOME-FB03ED6486\NTUSER.DAT
C:\Documents and Settings\Doug.HOME-FB03ED6486\ntuser.dat.LOG
C:\pagefile.sys
C:\System Volume Information
C:\WINNT\system32\config\default
C:\WINNT\system32\config\default.LOG
C:\WINNT\system32\config\SAM
C:\WINNT\system32\config\SAM.LOG
C:\WINNT\system32\config\SECURITY
C:\WINNT\system32\config\SECURITY.LOG
C:\WINNT\system32\config\software
C:\WINNT\system32\config\software.LOG
C:\WINNT\system32\config\system
C:\WINNT\system32\config\SYSTEM.ALT

8691 Executables scanned
83 Macros scanned
4506 Files inside archives scanned
15 Files that could not be scanned (files in use, encrypted
archives, etc.)
206546 Total files scanned

Recommended action:

Certain potential threats may not be automatically cleaned by this
scanner. You may still be able to manually clean these potential
threats.

If a potential threat could not be cleaned, please note its name and
look it up in our web-based virus encyclopedia at
http://www.v-com.com/virusinfo/virupedia.html. The encyclopedia will
contain additional information and help guide you through the removal of
the potential threat.

Never assume your machine is free of viruses until a complete scan of
your system reports no viruses found.

Some files could not be scanned. These files may be encrypted or in use
by either Windows or another application.

The scanner cannot scan files that are locked by Windows, but most of
these files are at a very low risk of infection. These include files
with a .log extension (or no extension at all), virtual memory files
(*.swp in Windows 95/98 or pagefile.sys in Windows NT/2000) and System
Registry files (user.dat, system.dat, ntuser.dat).

If you would like to scan these files, close all open applications,
decrypt any encrypted files, and try again. If you still cannot access
the files, use the Virus Rescue Disk to scan them.

In some cases you may need to use the Virus Rescue Disk set. The disk
set, including instructions, can be downloaded from
http://www.v-com.com/virusinfo/rescue.html. Please use a machine that
is not infected with a virus to create the disk set. Please note the
Virus Rescue Disk set is only compatible with FAT file systems. Windows
NT and operating systems that are installed on NTFS file system are
incompatible.

You may wish to boot into Safe Mode and run Deep Scan.

Try HiJackThis.

try avg,ad-aware(by lavasoft.com).i use thes e2 back to back.they find
more flup-ups than norton or mcafee put together.

oh also with trojans you MUST reformat your hard drive.

GhostRecon,

After trying other tools, and any other suggestions people may have:

if you still have DLLs which are not being disinfected, I would wipe and
reinstall.

I suppose one could boot into safe mode (or use a live CD, even a linux
live CD would work) and manually delete and replace each of the
individual infected files, if you have a clean back-up of them
somewhere... but a clean wipe and re-install is probably easier. Plus
you'll be 100% certain its gone.

Definiatelly reformat. There are ways to get rid of these probs, but the
quickest easy way is to reinstall the OS. You could spend hours tring to
pick and replace files, when you can reinstall in about an hour or
so.(not including updates and such)

you cab also do one other thing chances arer the file that is infected is your network card file seeing as though it is labeled vcom... remove your network card from your system through the software add/ remove boot up in safe mode do the scan if it doesn't find the infected file because you deleted it safely reinstall your drivers for your network card and again reboot this time normally.. you just saved yourself about 1 hours worth of work

I agree

AVG first
Then Adaware SE in "safe" mode
Hijackthis last ... if after all this fails .. reformat?

try xsoftspy, its free, then you need to find the crack but man does it work, clean everything. I love it

Is xsoftspy a anti virus? My pc is sooooooooo slow ..any slower it wouldnt be moving...help!

Im sorry Ghost.I didnt mean to take your thread...

looks like you should do the avg

and avg spyware

scans to nascar

hugz

Stop looking at so much porn?


NAH, I am only kidding. But yea if your virus protection is not deleting them, then it is either time to try a new one or reformat as much as nobody enjoys doing that.

reformat

to ease the pain

get an exturnal drive box

take that big hard drive out of yer comp

replace it with a 40 or 60 gig drive

only put your programs on it

and save everything else on the external usb 2.0 drive

then it is just a matter of reinstalling the programs

and you do not loose the important stuff

just a thought

but hey what do i know

I had closee to the same problem. I could not get rid of them . I finally went to the microsoft update and downloaded the june 2007 malisouis (sp) software removal tool. It fouond 19 infected files. I did the recommend ations. reran my virus software complete hardrive scan. It then picked up trojans and deleted them I have no problems now. From what i have found out if you download a software program ie my son dowwnloaded a spyware program that popedup and said free scan. That it was the main problem and it wanted u to buy it or your computer went very slow or would go to this web site all the time. My understanding is your security software does not pick up on a file you say it is ok to download. I had never used the mal.software tool MS puts out but it did wonders for me.. Good luck.. Miles