May 4, 2005 | 03:26 PM
  #21  
cossiechris

Originally Posted by b19bal:
"this is the result, I'm confused about all of this so if ya can take the time to help I'd like it
ya see it's got that blinkara thingy on it"

Quick look at your log shows the following fella!

O4 - HKLM\..\Run: [WINRUN] taskgmr.exe

Variant of W32.Mytob.R@mm Virus.

O4 - HKLM\..\Run: [WINRUN z] W1NT45K.exe

Another variant of W32.Mytob.R@mm Virus.

O4 - HKLM\..\Run: [A New Windows Updater] w32NTupdt.exe

Another variant of W32.Mytob.BM@mm

O4 - HKLM\..\Run: [NDdehsetdapter] wow123.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\Run: [A N3w Windows Updater] w32NTupt.exe

Another variant of the MYTOB virus

O4 - HKLM\..\Run: [WIn32 Java DLLx] srtsr32.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\Run: [Windows 32Bit Fixer] bilankara.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunServices: [MSN service] mslima.exe

Spyware/malware. REMOVE

O4 - HKLM\..\RunServices: [Video Process] yejpnjd.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunServices: [WINRUN z] W1NT45K.exe

Variant of the W32.Mytob.BL@mm virus

O4 - HKLM\..\RunServices: [A New Windows Updater] w32NTupdt.exe

Variant of the W32.Mytob.BL@mm virus

O4 - HKLM\..\RunServices: [NDdehsetdapter] wow123.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunServices: [A N3w Windows Updater] w32NTupt.exe

Variant of the W32.Mytob.BL@mm virus

O4 - HKLM\..\RunServices: [WIn32 Java DLLx] srtsr32.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunServices: [Windows 32Bit Fixer] bilankara.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunOnce: [Windows 32Bit Fixer] bilankara.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKLM\..\RunOnce: [NDdehsetdapter] wow123.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [Windows 32Bit Fixer] bilankara.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [ZEs3RWJ7i] mindexts.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [WINRUN] taskgmr.exe

Variant of W32.Mytob.R@mm Virus.

O4 - HKCU\..\Run: [WINRUN z] W1NT45K.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [A New Windows Updater] w32NTupdt.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [NDdehsetdapter] wow123.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\Run: [A N3w Windows Updater] w32NTupt.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\RunOnce: [NDdehsetdapter] wow123.exe

Unsure, probably randomly generated filename for the MYTOB virus

O4 - HKCU\..\RunOnce: [Windows 32Bit Fixer] bilankara.exe

Unsure, probably randomly generated filename for the MYTOB virus


O23 - Service: NT login service (ntlogin32) - Unknown owner - C:\WINDOWS\System32\libsysmgr.exe (file missing)

SDBot Worm. Remove this entry.

I would say you have the MYTOB Virus!

Here’s how to remove it... Use this removal tool:
http://securityresponse.symantec.com...oval.tool.html

First turn off System Restore (if you have ME or XP):
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

Follow the instructions on the above page and then turn System Restore back on. It’s actually not as bad as it looks, as I can only see one infection, just a lot of variants of it!

Enjoy... sort of!
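Added example, not part of cossiechris's post: a small Python triage helper that groups HijackThis O4 autostart lines by executable, so you can see every Run, RunServices and RunOnce key that has to be checked after cleanup. The function names are hypothetical and the sample input is a subset of the log lines quoted in the post.

```python
import re
from collections import defaultdict

# Subset of the O4/O23 lines quoted in the post above, used as sample input.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [WINRUN] taskgmr.exe
O4 - HKLM\..\Run: [Windows 32Bit Fixer] bilankara.exe
O4 - HKLM\..\RunServices: [Windows 32Bit Fixer] bilankara.exe
O4 - HKLM\..\RunOnce: [Windows 32Bit Fixer] bilankara.exe
O4 - HKCU\..\Run: [Windows 32Bit Fixer] bilankara.exe
O4 - HKCU\..\Run: [WINRUN] taskgmr.exe
O4 - HKCU\..\RunOnce: [Windows 32Bit Fixer] bilankara.exe
O23 - Service: NT login service (ntlogin32) - Unknown owner - C:\WINDOWS\System32\libsysmgr.exe (file missing)
"""

# O4 = registry autostart entry: hive, Run-type key, [value name], command.
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.*?)\] (.+)$")


def group_autoruns(log_text):
    """Map each executable (lower-cased) to the sorted list of
    'HIVE\\Key' autostart locations that launch it."""
    found = defaultdict(set)
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue  # not an O4 registry autostart line (e.g. O23)
        hive, key, _value_name, command = m.groups()
        found[command.strip().lower()].add(f"{hive}\\{key}")
    return {exe: sorted(locs) for exe, locs in found.items()}


def multi_location(groups, minimum=2):
    """Executables registered in at least `minimum` autostart locations,
    most widespread first."""
    hits = [(exe, locs) for exe, locs in groups.items() if len(locs) >= minimum]
    return sorted(hits, key=lambda item: (-len(item[1]), item[0]))


if __name__ == "__main__":
    for exe, locs in multi_location(group_autoruns(SAMPLE_LOG)):
        print(f"{exe}: {len(locs)} locations -> {', '.join(locs)}")
```

Run against a full log saved as text, the per-executable location list doubles as a checklist: re-scan after the removal tool has finished and confirm none of those entries remain.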