I was installing and uninstalling trying different antivirus programs and no longer have the avast log, unless if it’s still stored in some folder. I tried spydoctor, avg, avast … i think spydoc caught 22 infected files, and i took a picture of the avg, and avast found 5 or so including rootkit.
http://i118.photobucket.com/albums/o106/dakapx/viruslist-1.jpg
Here is the log for a quick scan using superantispy in safe mode:
tiSpyware Scan Log
http://www.superantispyware.com
Generated 10/31/2008 at 04:43 PM
Application Version : 4.21.1004
Core Rules Database Version : 3618
Trace Rules Database Version: 1603
Scan type : Quick Scan
Total Scan Time : 00:12:11
Memory items scanned : 159
Memory threats detected : 0
Registry items scanned : 337
Registry threats detected : 0
File items scanned : 6450
File threats detected : 2
Trojan.Dropper/Gen
C:\DOCUMENTS AND SETTINGS\J\LOCAL SETTINGS\TEMP\129.TMP
C:\DOCUMENTS AND SETTINGS\J\LOCAL SETTINGS\TEMP\12A.TMP
And I ran mbam earlier in normal xp mode:
Malwarebytes’ Anti-Malware 1.30
Database version: 1348
Windows 5.1.2600 Service Pack 2
10/31/2008 3:32:23 PM
mbam-log-2008-10-31 (15-32-23).txt
Scan type: Quick Scan
Objects scanned: 67780
Time elapsed: 6 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\J\Local Settings\Temp\111.tmp (Spyware.Passwords) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Local Settings\Temp\11F.tmp (Spyware.Passwords) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Local Settings\Temp\121.tmp (Spyware.Passwords) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Local Settings\Temp\124.tmp (Spyware.Passwords) → Quarantined and deleted successfully.
C:\WINDOWS\k.txt (Trojan.FakeAlert) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Start Menu\Search Online.url (Rogue.Link) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Start Menu\VIP Casino.url (Rogue.Link) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Start Menu\Cheap Pharmacy Online.url (Rogue.Link) → Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-A95.tmp (Trojan.FakeAlert) → Quarantined and deleted successfully.
C:\Documents and Settings\J\Local Settings\Temp\myconfig.php (Trojan.FakeAlert) → Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSxekj.dll (Rootkit.Agent) → Quarantined and deleted successfully.