
Topic: tr/unpacked.gen trojan


    nuttynibbles (Topic Starter, Rookie)

    tr/unpacked.gen trojan
    « on: March 21, 2009, 12:25:14 PM »
    Hi,

    I have the free Avira anti-virus installed. Recently it detected the tr/unpacked.gen trojan in C:/windows/temp/00001763.exe and I always choose to quarantine it. I realised that each time I quarantine it, a new file reappears and Avira prompts again. I need to know where to find the source of this trojan/virus.

    The thing is, I scanned it with the free online scanner from Kaspersky and it detected nothing. Apparently it is recommended as having a high detection rate.

    What should I do?? Thanks.

    evilfantasy (Malware Removal Specialist, Moderator)
    Re: tr/unpacked.gen trojan
    « Reply #1 on: March 21, 2009, 01:24:08 PM »
    Download DDS by sUBs and save it to your Desktop.

    Vista users: right click on dds and select Run as administrator (you will receive a UAC prompt; please allow it).

    * Double click on dds to run it.
    * When done, DDS.txt will open.
    * You will receive another prompt after a while. Click Yes at the prompt and wait for the next scan to complete.
    * When done, Attach.txt will open.
    * Please copy and paste the contents of DDS.txt and Attach.txt in your next reply.

      nuttynibbles (Topic Starter, Rookie)

      Re: tr/unpacked.gen trojan
      « Reply #2 on: March 21, 2009, 01:42:05 PM »
      Attach.txt

      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT

      DDS (Ver_09-03-16.01)

      Microsoft Windows XP Professional
      Boot Device: \Device\HarddiskVolume1
      Install Date: 12/28/2006 11:29:01 AM
      System Uptime: 3/21/2009 1:03:47 PM (14 hours ago)

      Motherboard: TOSHIBA |  | Portable PC
      Processor:         Intel(R) Pentium(R) M processor 1400MHz | IC1005 | 1396/100mhz

      ==== Disk Partitions =========================

      C: is FIXED (NTFS) - 19 GiB total, 2.806 GiB free.
      D: is FIXED (NTFS) - 14 GiB total, 11.176 GiB free.
      E: is FIXED (NTFS) - 5 GiB total, 4.715 GiB free.
      F: is CDROM ()

      ==== Disabled Device Manager Items =============

      ==== System Restore Points ===================

      No restore point in system.

      ==== Installed Programs ======================

      Adobe Bridge 1.0
      Adobe Common File Installer
      Adobe Flash Player 10 ActiveX
      Adobe Flash Player 10 Plugin
      Adobe Help Center 1.0
      Adobe Photoshop CS2
      Adobe Reader 8.1.3
      Adobe Shockwave Player
      Adobe Stock Photos 1.0
      Apple Mobile Device Support
      Apple Software Update
      Audacity 1.2.4
      AVG 7.5
      Avira AntiVir Personal - Free Antivirus
      Big Fish Games Client
      BitComet 0.99
      Bitvise Tunnelier 4.28 (remove only)
      Bluetooth Stack for Windows by Toshiba
      Bonjour
      Butterfly Escape
      CCleaner (remove only)
      CD/DVD Drive Acoustic Silencer
      Compatibility Pack for the 2007 Office system
      Critical Update for Windows Media Player 11 (KB959772)
      Diner Dash 2
      Drag'n Drop CD+DVD
      DVD-RAM Driver
      EPSON Printer Software
      Google Chrome
      Hotfix for Windows Internet Explorer 7 (KB947864)
      Hotfix for Windows Media Format 11 SDK (KB929399)
      Hotfix for Windows Media Player 11 (KB939683)
      Hotfix for Windows XP (KB952287)
      Intel(R) Extreme Graphics Driver
      Intel(R) PRO Network Adapters and Drivers
      InterVideo WinDVD 4
      iTunes
      Java 2 Runtime Environment, SE v1.4.2
      Java(TM) 6 Update 3
      Java(TM) 6 Update 5
      LimeWire 4.12.6
      LiveUpdate 2.6 (Symantec Corporation)
      Macromedia Contribute 3.11
      Macromedia Dreamweaver 8
      Macromedia Extension Manager
      Macromedia Fireworks 8
      Macromedia Flash 8
      Macromedia Flash 8 Video Encoder
      Microsoft .NET Compact Framework 1.0 SP3 Developer
      Microsoft .NET Compact Framework 2.0
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1 Hotfix (KB928366)
      Microsoft .NET Framework 2.0 Service Pack 1
      Microsoft Compression Client Pack 1.0 for Windows XP
      Microsoft Device Emulator version 1.0 - ENU
      Microsoft Document Explorer 2005
      Microsoft Internationalized Domain Names Mitigation APIs
      Microsoft National Language Support Downlevel APIs
      Microsoft Office OneNote 2003
      Microsoft Office Professional Edition 2003
      Microsoft SQL Server 2005
      Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
      Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
      Microsoft SQL Server 2005 Tools Express Edition
      Microsoft SQL Server Native Client
      Microsoft SQL Server Setup Support Files (English)
      Microsoft SQL Server VSS Writer
      Microsoft User-Mode Driver Framework Feature Pack 1.0
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual J# 2.0 Redistributable Package
      Microsoft Visual Studio 2005 Professional Edition - ENU
      Microsoft Visual Studio 6.0 Enterprise Edition
      Microsoft Web Publishing Wizard 1.53
      MobileMe Control Panel
      Mozilla Firefox (3.0.7)
      MSXML 4.0 SP2 (KB936181)
      MSXML 4.0 SP2 (KB954430)
      MSXML 6.0 Parser (KB933579)
      MultipleIEs
      Notepad++
      PC Inspector smart recovery
      PDFCreator
      PopCap Browser Plugin
      PSPad editor
      Quest Software Toad for MySQL Freeware 4.1
      QuickTime
      RealPlayer
      Safari
      Satisfashion
      Security Update for CAPICOM (KB931906)
      Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB925674)
      Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937060)
      Security Update for Step By Step Interactive Training (KB898458)
      Security Update for Step By Step Interactive Training (KB923723)
      Security Update for Windows Internet Explorer 7 (KB928090)
      Security Update for Windows Internet Explorer 7 (KB929969)
      Security Update for Windows Internet Explorer 7 (KB931768)
      Security Update for Windows Internet Explorer 7 (KB933566)
      Security Update for Windows Internet Explorer 7 (KB937143)
      Security Update for Windows Internet Explorer 7 (KB938127)
      Security Update for Windows Internet Explorer 7 (KB939653)
      Security Update for Windows Internet Explorer 7 (KB942615)
      Security Update for Windows Internet Explorer 7 (KB944533)
      Security Update for Windows Internet Explorer 7 (KB950759)
      Security Update for Windows Internet Explorer 7 (KB953838)
      Security Update for Windows Internet Explorer 7 (KB956390)
      Security Update for Windows Internet Explorer 7 (KB958215)
      Security Update for Windows Internet Explorer 7 (KB960714)
      Security Update for Windows Internet Explorer 7 (KB961260)
      Security Update for Windows Media Player (KB911564)
      Security Update for Windows Media Player (KB952069)
      Security Update for Windows Media Player 11 (KB936782)
      Security Update for Windows Media Player 11 (KB954154)
      Security Update for Windows Media Player 6.4 (KB925398)
      Security Update for Windows Media Player 9 (KB917734)
      Security Update for Windows Media Player 9 (KB936782)
      Security Update for Windows XP (KB923689)
      Security Update for Windows XP (KB938464)
      Security Update for Windows XP (KB941569)
      Security Update for Windows XP (KB946648)
      Security Update for Windows XP (KB950760)
      Security Update for Windows XP (KB950762)
      Security Update for Windows XP (KB950974)
      Security Update for Windows XP (KB951066)
      Security Update for Windows XP (KB951376-v2)
      Security Update for Windows XP (KB951376)
      Security Update for Windows XP (KB951698)
      Security Update for Windows XP (KB951748)
      Security Update for Windows XP (KB952954)
      Security Update for Windows XP (KB953155)
      Security Update for Windows XP (KB953839)
      Security Update for Windows XP (KB954211)
      Security Update for Windows XP (KB954459)
      Security Update for Windows XP (KB954600)
      Security Update for Windows XP (KB955069)
      Security Update for Windows XP (KB956391)
      Security Update for Windows XP (KB956802)
      Security Update for Windows XP (KB956803)
      Security Update for Windows XP (KB956841)
      Security Update for Windows XP (KB957095)
      Security Update for Windows XP (KB957097)
      Security Update for Windows XP (KB958644)
      Security Update for Windows XP (KB958687)
      Security Update for Windows XP (KB958690)
      Security Update for Windows XP (KB960225)
      Security Update for Windows XP (KB960715)
      SingTel SmartFix
      SmartFix
      Sony Media Manager for PSP 2.5
      SoundMAX
      SpongeBob SquarePants Diner Dash
      Spyware Terminator
      SUPERAntiSpyware Free Edition
      Symantec AntiVirus
      Synaptics Pointing Device Driver
      TOSHIBA ConfigFree
      TOSHIBA Console
      TOSHIBA Controls
      Toshiba Hotkey Utility for Display Devices
      TOSHIBA Power Saver
      TOSHIBA SD Memory Card Format
      TOSHIBA Software Modem
      TOSHIBA TouchPad On/Off Utility V2.05.00
      TOSHIBA Utilities
      UltraEdit v14.00a
      Update for Windows XP (KB951072-v2)
      Update for Windows XP (KB951978)
      Update for Windows XP (KB955839)
      Update for Windows XP (KB967715)
      VideoLAN VLC media player 0.8.6c
      WampServer 2.0
      WebFldrs XP
      Windows Genuine Advantage Notifications (KB905474)
      Windows Genuine Advantage Validation Tool (KB892130)
      Windows Internet Explorer 7
      Windows Live installer
      Windows Live Messenger
      Windows Live OneCare safety scanner
      Windows Live Sign-in Assistant
      Windows Media Format 11 runtime
      Windows Media Player 11
      Windows XP Service Pack 3
      WinRAR archiver
      Wireless Hotkey
      Yahoo! Messenger

      ==== End Of File ===========================

      DDS.txt


      DDS (Ver_09-03-16.01) - NTFSx86 
      Run by sereneloo at  3:33:16.08 on Sun 03/22/2009
      Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
      Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1263.395 [GMT 8:00]

      AV: AVG 7.5.557 *On-access scanning enabled* (Updated)
      AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
      AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

      ============== Running Processes ===============

      C:\WINDOWS\system32\svchost -k DcomLaunch
      svchost.exe
      C:\WINDOWS\System32\svchost.exe -k netsvcs
      svchost.exe
      svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\Program Files\Symantec AntiVirus\DefWatch.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\Program Files\Common Files\Motive\McciCMService.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Symantec AntiVirus\SavRoam.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\Program Files\Spyware Terminator\sp_rsser.exe
      C:\WINDOWS\System32\igfxtray.exe
      C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
      C:\WINDOWS\System32\00THotkey.exe
      C:\WINDOWS\system32\TFNF5.exe
      C:\WINDOWS\System32\svchost.exe -k imgsvc
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
      C:\WINDOWS\system32\TPSMain.exe
      C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
      C:\WINDOWS\System32\ezSP_Px.exe
      C:\WINDOWS\LTSMMSG.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\PROGRA~1\SYMANT~1\VPTray.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\SmartFix\bin\McciTrayApp.exe
      C:\WINDOWS\system32\TPSBattM.exe
      C:\Program Files\Symantec AntiVirus\Rtvscan.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Documents and Settings\sereneloo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\SmartFix\bin\MotiveBrowser.exe
      C:\Program Files\SmartFix\bin\MotiveBrowser.exe
      C:\Program Files\SmartFix\bin\MotiveBrowser.exe
      C:\WINDOWS\system32\mdm.exe
      C:\WINDOWS\system32\inetsrv\inetinfo.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
      D:\chriz\App\dds.pif

      ============== Pseudo HJT Report ===============

      uStart Page = about:blank
      uSearch Page = hxxp://www.google.com
      uSearch Bar = hxxp://www.google.com/ie
      mSearch Page = hxxp://www.google.com
      mStart Page = about:blank
      uInternet Settings,ProxyOverride = 127.0.0.1;*.local
      uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
      BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
      BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
      BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll
      BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
      BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
      BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
      TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
      EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
      uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
      uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
      uRun: [Google Update] "c:\documents and settings\sereneloo\local settings\application data\google\update\GoogleUpdate.exe" /c
      uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
      mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
      mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
      mRun: [PmProxy] c:\program files\analog devices\soundmax\PmProxy.exe
      mRun: [00THotkey] c:\windows\system32\00THotkey.exe
      mRun: [000StTHK] 000StTHK.exe
      mRun: [TFNF5] TFNF5.exe
      mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
      mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
      mRun: [TouchED] c:\program files\toshiba\touched\TouchED.Exe
      mRun: [TPSMain] TPSMain.exe
      mRun: [TosHKCW.exe] "c:\program files\toshiba\wireless hotkey\TosHKCW.exe"
      mRun: [ezShieldProtector for Px] c:\windows\system32\ezSP_Px.exe
      mRun: [LTSMMSG] LTSMMSG.exe
      mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
      mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
      mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
      mRun: [singtelTrayApp] "c:\program files\smartfix\bin\McciTrayApp.exe"
      mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
      mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
      mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
      mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
      mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
      mRun: [SingTel_McciTrayApp] c:\program files\singtel\McciTrayApp.exe
      mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
      dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
      StartupFolder: c:\docume~1\serene~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
      StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
      StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
      IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
      IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
      IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
      IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
      IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll/206
      IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
      IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
      IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
      DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
      DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Supercow/Images/stg_drm.ocx
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
      DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxps://npsdmail4.np.edu.sg/iNotes6W.cab
      DPF: {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} - hxxp://mp1.mplay.oberon-media.com/client/flashnet.cab
      DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
      DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
      DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-_UNO/GAME_UNO1.cab
      DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167290453738
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
      DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
      DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-deluxe/zylomgamesplayer.cab
      DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
      DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Supercow/Images/armhelper.ocx
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://npsdmail4.np.edu.sg/dwa7W.cab
      DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
      Notify: igfxcui - igfxsrvc.dll
      Notify: NavLogon - c:\windows\system32\NavLogon.dll
      SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
      SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

      ================= FIREFOX ===================

      FF - ProfilePath - c:\docume~1\serene~1\applic~1\mozilla\firefox\profiles\1q2ibpwb.default\
      FF - prefs.js: browser.startup.homepage - hxxp://steeztrend.com/
      FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
      FF - plugin: c:\documents and settings\sereneloo\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
      FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll

      ============= SERVICES / DRIVERS ===============

      R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2007-11-20 821856]
      R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2007-11-20 4224]
      R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2007-11-20 27776]
      R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2007-11-20 10760]
      R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-3-9 11840]
      R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-2-17 8944]
      R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-2-17 55024]
      R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
      R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
      R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2007-10-7 141312]
      R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-3-9 68865]
      R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-3-9 151297]
      R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2007-11-20 418816]
      R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2007-11-20 49664]
      R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe [2007-11-20 406528]
      R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2007-11-20 4960]
      R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-6-2 185968]
      R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-6-2 161392]
      R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-6-23 124608]
      R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-6-23 1715904]
      R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-3-9 52032]
      R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090320.003\naveng.sys [2009-3-21 89104]
      R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090320.003\navex15.sys [2009-3-21 876144]
      R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-2-17 7408]
      S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-6-2 83568]
      S4 msvsmon80;Visual Studio 2005 Remote Debugger;d:\programs\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]

      =============== Created Last 30 ================

      2009-03-22 03:06   <DIR>   --d-----   c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
      2009-03-22 03:06   <DIR>   --d-----   c:\program files\SUPERAntiSpyware
      2009-03-22 03:06   <DIR>   --d-----   c:\docume~1\serene~1\applic~1\SUPERAntiSpyware.com
      2009-03-19 22:30   <DIR>   --d-----   c:\program files\CCleaner
      2009-03-10 23:17   0   a-------   C:\LOG14D.tmp
      2009-03-10 20:26   0   a-------   C:\LOGF3.tmp
      2009-03-09 23:29   <DIR>   --d-----   c:\program files\Avira
      2009-03-09 23:29   <DIR>   --d-----   c:\docume~1\alluse~1\applic~1\Avira
      2009-03-09 22:46   0   a-------   C:\LOG108.tmp
      2009-03-08 22:04   0   a-------   C:\LOGF7.tmp
      2009-03-07 10:09   0   a-------   C:\LOGD0.tmp
      2009-03-02 19:52   0   a-------   C:\LOGBE.tmp
      2009-03-01 21:01   0   a-------   C:\LOGA1.tmp
      2009-02-24 21:34   0   a-------   C:\LOG80.tmp
      2009-02-23 20:31   0   a-------   C:\LOG7D.tmp
      2009-02-22 21:15   <DIR>   --d-----   c:\docume~1\serene~1\applic~1\Software
      2009-02-22 21:14   <DIR>   --d-----   c:\program files\Quest Software
      2009-02-22 21:14   <DIR>   --d-----   c:\program files\common files\Quest Shared
      2009-02-22 21:10   0   a-------   C:\LOG71.tmp

      ==================== Find3M  ====================

      2009-02-22 21:13   161   a-------   c:\program files\INSTALL.LOG
      2009-02-09 19:13   1,846,784   a-------   c:\windows\system32\win32k.sys
      2008-11-02 01:22   1,851,544   a-------   c:\program files\install_flash_player(2).exe
      2008-10-25 12:35   28,868,320   a-------   c:\program files\FileFormatConverters.exe
      2008-08-09 16:01   1,495,112   a-------   c:\program files\install_flash_player.exe
      2008-07-06 01:32   0   a-------   c:\program files\temp01
      2008-07-03 23:43   7,496,920   a-------   c:\program files\Firefox Setup 3.0.exe
      2008-06-15 15:32   23,766,320   a-------   c:\program files\QuickTimeInstaller.exe
      2008-02-12 00:11   33,016,248   a-------   c:\program files\mediamanager2.5_setup.exe
      2007-10-31 20:40   51,422,520   a-------   c:\program files\iTunes743Setup.exe
      2007-10-07 20:41   10,378,944   a-------   c:\program files\SpywareTerminatorSetup.exe
      2007-08-11 00:48   7,649,240   a-------   c:\program files\Windows-KB890830-V1.31.exe
      2007-08-11 00:47   1,266,056   a-------   c:\program files\WindowsXP-KB927891-v3-x86-ENU.exe
      2007-05-27 23:24   21,822,168   a-------   c:\program files\AdbeRdr80_en_US.exe
      2007-05-18 11:39   473,664   a-------   c:\program files\msgr8sg.exe
      2007-01-29 12:20   20,193,072   a-------   c:\program files\SkypeSetup.exe
      2007-01-24 20:27   359,112   a-------   c:\program files\LimeWireWin.exe
      2006-12-28 19:30   820,875   a-------   c:\program files\setup.exe
      2006-12-28 14:57   16,332,072   a-------   c:\program files\Install_Messenger_nous.exe
      2008-09-12 03:14   32,768   a--sh---   c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091220080913\index.dat

      ============= FINISH:  3:34:34.82 ===============

      evilfantasy (Malware Removal Specialist, Moderator)

      Re: tr/unpacked.gen trojan
      « Reply #3 on: March 21, 2009, 01:51:01 PM »
      Go to Add or Remove Programs and uninstall:
      • AVG 7.5
      • LiveUpdate 2.6 (Symantec Corporation)
      • Symantec AntiVirus
      ----------

      Download the Norton Removal Tool (SymNRT) to your Desktop.

      Once downloaded please close ALL open browsers, also save any work because this may require a restart.
      • Go to your desktop and double click on the removal tool and then click Setup.
      • Once open Click Next
      • Accept the license agreement and click Next
      • Type in the letters/numbers that you see into the text box then click Next.
      • Then click Next and the tool will start running.
      • Once finished restart the PC.
      • Delete the Norton Removal Tool from your Desktop.
      ----------

      Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.

      Link #1
      Link #2

      **Note:  It is important that it is saved directly to your Desktop

      Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

      Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
       
      Double click combofix.exe & follow the prompts.
      When finished ComboFix will produce a log for you.
      Post the ComboFix log in your next reply.

      Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

      Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

      If you have problems with ComboFix usage, see How to use ComboFix

      ----------

      Now run a new DDS scan and post the new DDS.txt log only, I won't need the Attach log.
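As an added triage example (my own code, not from the thread or from DDS), the Python below splits a DDS.txt into its banner sections and flags what the replies above act on: several real-time AV products enabled at once (the reason Reply #3 has AVG and Symantec uninstalled), Pseudo-HJT entries pointing to "No File", and executables recently created under a temp directory like the one Avira keeps quarantining. It also flags Run entries listed without a path, a check of my own that the thread does not raise; the sample log is constructed from the thread's own lines plus one invented c:\windows\temp entry.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the DDS.txt format quoted in the thread.
# It repeats a handful of the thread's own lines; the c:\windows\temp entry
# under "Created Last 30" is invented to exercise the temp-file check.
SAMPLE_DDS = r"""
DDS (Ver_09-03-16.01) - NTFSx86
Run by sereneloo at  3:33:16.08 on Sun 03/22/2009

AV: AVG 7.5.557 *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

============== Pseudo HJT Report ===============

uStart Page = about:blank
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
mRun: [TFNF5] TFNF5.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min

=============== Created Last 30 ================

2009-03-22 03:06   <DIR>   --d-----   c:\program files\SUPERAntiSpyware
2009-03-21 12:20   28,672   a-------   c:\windows\temp\00001763.exe
2009-03-10 23:17   0   a-------   C:\LOG14D.tmp

============= FINISH:  3:34:34.82 ===============
"""

SECTION_RE = re.compile(r"^=+\s*(.*?)\s*=+$")      # "==== Name ====" banners
AV_RE = re.compile(r"AV:\s*(.+?)\s*\*On-access scanning enabled\*")
RUN_RE = re.compile(r"^[umd]Run: \[[^\]]+\]\s+(.+)$")  # uRun/mRun/dRun lines
TEMP_DIR_RE = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)


def split_sections(text):
    """Return {section_name: [lines]} keyed by the banner headings.
    Lines before the first banner (OS, AV products) go under 'Header'."""
    sections = defaultdict(list)
    current = "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip()
            continue
        sections[current].append(line)
    return sections


def on_access_avs(sections):
    """Names of AV products that DDS reports with real-time scanning enabled.
    More than one at a time is the conflict Reply #3 resolves by uninstalling."""
    return [m.group(1) for m in map(AV_RE.match, sections["Header"]) if m]


def orphaned_entries(sections):
    """Pseudo-HJT entries (BHO/TB/EB) whose target DLL is gone: '- No File'."""
    return [l for l in sections["Pseudo HJT Report"] if l.endswith("- No File")]


def unqualified_run_entries(sections):
    """Run-key commands given with no directory, so Windows resolves them via
    the search path (my own extra check): worth confirming which file runs."""
    out = []
    for line in sections["Pseudo HJT Report"]:
        m = RUN_RE.match(line)
        if not m:
            continue
        cmd = m.group(1).strip()
        # A quoted command keeps its spaces; otherwise the first token is the exe.
        exe = cmd[1:].split('"', 1)[0] if cmd.startswith('"') else cmd.split()[0]
        if "\\" not in exe and "/" not in exe:
            out.append(exe)
    return out


def recent_temp_executables(sections):
    """Files (not <DIR> entries) created in the last 30 days whose path runs
    through a temp directory and ends in .exe, like the quarantined file."""
    hits = []
    for line in sections["Created Last 30"]:
        parts = line.split(None, 4)           # date, time, size/<DIR>, attrs, path
        if len(parts) < 5 or parts[2] == "<DIR>":
            continue
        path = parts[4]
        if TEMP_DIR_RE.search(path) and path.lower().endswith(".exe"):
            hits.append(path)
    return hits


def triage(text):
    """Run every check over a DDS.txt and return the findings as a dict."""
    s = split_sections(text)
    return {
        "on_access_avs": on_access_avs(s),
        "orphaned_entries": orphaned_entries(s),
        "unqualified_run_entries": unqualified_run_entries(s),
        "temp_executables": recent_temp_executables(s),
    }


if __name__ == "__main__":
    findings = triage(SAMPLE_DDS)
    avs = findings["on_access_avs"]
    if len(avs) > 1:
        print(f"{len(avs)} real-time scanners active at once: {', '.join(avs)}")
    for key in ("orphaned_entries", "unqualified_run_entries", "temp_executables"):
        for item in findings[key]:
            print(f"{key}: {item}")
```

Run it against a real DDS.txt by reading the file into `triage()` instead of `SAMPLE_DDS`; the findings are prompts for a closer look, not verdicts.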

        nuttynibbles (Topic Starter, Rookie)

        Re: tr/unpacked.gen trojan
        « Reply #4 on: March 23, 2009, 07:10:18 AM »
        Sorry I haven't replied for a couple of days. Fell asleep that night ;D BTW the computer is not with me now. I would reply again once I do your instructions. Thanks.