Darksma spyware removal

Discussion in 'Virus and Malware Removal' started by dlee337, Jul 25, 2008.

  1. dlee337 Newcomer, in training Posts: 28

    I couldn't get it in a link so I had to paste it.
    BitDefender Online Scanner

    Scan report generated at: Fri, Aug 01, 2008 - 19:46:16
    Scan path: C:\;D:\;

    Statistics
    Time: 01:30:18
    Files: 374675
    Folders: 14469
    Boot Sectors: 4
    Archives: 5494
    Packed Files: 26561

    Results
    Identified Viruses: 7
    Infected Files: 15
    Suspect Files: 0
    Warnings: 0
    Disinfected: 0
    Deleted Files: 15

    Engines Info
    Virus Definitions: 1412813
    Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
    Scan plugins: 16
    Archive plugins: 43
    Unpack plugins: 7
    E-mail plugins: 6
    System plugins: 5

    Scan Settings
    First Action: Disinfect
    Second Action: Delete
    Heuristics: Yes
    Enable Warnings: Yes
    Scanned Extensions: *;
    Exclude Extensions:
    Scan Emails: Yes
    Scan Archives: Yes
    Scan Packed: Yes
    Scan Files: Yes
    Scan Boot: Yes

    Scanned File | Status
    C:\Documents and Settings\Danny Lee\My Documents\My Videos\Setup.exe | Detected with: Adware.Zango.V
    C:\Documents and Settings\Danny Lee\My Documents\My Videos\Setup.exe | Deleted
    C:\Downloads\SpongeBobDDGESetup-dm[1].exe | Detected with: Adware.Trymedia.B.2
    C:\Downloads\SpongeBobDDGESetup-dm[1].exe | Deleted
    C:\Program Files\Real\RealArcade\GoogleInstApp.exe | Infected with: Trojan.Generic.105811
    C:\Program Files\Real\RealArcade\GoogleInstApp.exe | Deleted
    C:\Program Files\Real\RealArcade\Setup\setup_rac.exe=>(Embedded EXE o) | Infected with: Trojan.Generic.105811
    C:\Program Files\Real\RealArcade\Setup\setup_rac.exe=>(Embedded EXE o) | Deleted
    C:\Program Files\Real\RealArcade\Setup\setup_rac.exe | Update failed
    C:\Program Files\SpongeBob SquarePants Diner Dash\bfgt_silent_en.exe=>(CAB Sfx r)=>nickarcade.dll | Infected with: Trojan.Delf.EZ
    C:\Program Files\SpongeBob SquarePants Diner Dash\bfgt_silent_en.exe=>(CAB Sfx r)=>nickarcade.dll | Deleted
    C:\Program Files\SpongeBob SquarePants Diner Dash\bfgt_silent_en.exe=>(CAB Sfx r) | Update failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\dDspopPH.dll.vir | Infected with: Trojan.Vundo.FBB
    C:\QooBox\Quarantine\C\WINDOWS\system32\dDspopPH.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\dDspopPH.dll.vir | Deleted
    C:\QooBox\Quarantine\C\WINDOWS\system32\faqalukr.dll.vir | Infected with: Trojan.Vundo.FCF
    C:\QooBox\Quarantine\C\WINDOWS\system32\faqalukr.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\faqalukr.dll.vir | Deleted
    C:\QooBox\Quarantine\C\WINDOWS\system32\ftcuppws.dll.vir | Infected with: Trojan.Vundo.FCF
    C:\QooBox\Quarantine\C\WINDOWS\system32\ftcuppws.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\ftcuppws.dll.vir | Deleted
    C:\QooBox\Quarantine\C\WINDOWS\system32\lJawvtRi.dll.vir | Infected with: Trojan.Vundo.FBB
    C:\QooBox\Quarantine\C\WINDOWS\system32\lJawvtRi.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\lJawvtRi.dll.vir | Deleted
    C:\QooBox\Quarantine\C\WINDOWS\system32\ljJBtssr.dll.vir | Infected with: Trojan.Vundo.FBB
    C:\QooBox\Quarantine\C\WINDOWS\system32\ljJBtssr.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\ljJBtssr.dll.vir | Deleted
    C:\QooBox\Quarantine\C\WINDOWS\system32\opnLEvtt.dll.vir | Infected with: Trojan.Vundo.FBB
    C:\QooBox\Quarantine\C\WINDOWS\system32\opnLEvtt.dll.vir | Disinfection failed
    C:\QooBox\Quarantine\C\WINDOWS\system32\opnLEvtt.dll.vir | Deleted
    C:\QooBox\Quarantine\catchme2008-07-26_ 10215.32.zip=>lJawvtRi.dll | Infected with: Trojan.Vundo.FBB
    C:\QooBox\Quarantine\catchme2008-07-26_ 10215.32.zip=>lJawvtRi.dll | Disinfection failed
    C:\QooBox\Quarantine\catchme2008-07-26_ 10215.32.zip=>lJawvtRi.dll | Deleted
    C:\QooBox\Quarantine\catchme2008-07-26_ 10215.32.zip | Updated
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000272.exe | Infected with: Trojan.Retapu.D
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000272.exe | Disinfection failed
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000272.exe | Deleted
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000321.exe | Detected with: Adware.Trymedia.B.2
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000321.exe | Deleted
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000322.exe | Infected with: Trojan.Generic.105811
    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000322.exe | Deleted
  2. dlee337 Newcomer, in training Posts: 28

    Forgot to run the HJ log after deleting file in safe mode. Here it is.
  3. xxdanielxx Newcomer, in training Posts: 1,214

    Your log looks clean :)

    How is your computer running?

    TrendMicro™ HouseCall Java Scan
    • Please go HERE to run the Trend Micro™ HouseCall Scan.
    • Click Scan now. It's free!
    • Read and put a Check next to Yes I accept the terms of use.
    • Click the Launching HouseCall>> button.
    • Under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
    • You may receive a Security Warning about the TrendMicro Java applet, click YES.
    • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
    • Please be patient while it installs, updates, and scans your system.
    • Once the scan is complete, it will take you to the summary page.
    • Under Cleanup options, choose clean all detected infections automatically.
    • Click the Clean now>> button.
    • If anything was found you may be prompted to run the scan again, you can just close the browser window.
  4. dlee337 Newcomer, in training Posts: 28

    Hi, my computer seems to be working ok. I tried to run TrendMicro. I clicked on launch HouseCall and the page opens but will not load.
  5. dlee337 Newcomer, in training Posts: 28

    My computer still seems to be working ok but my CA antivirus is popping up a virus alert when I run my spyware program. Here is the alert:
    C:\System Volume Information Win32/Vundo.ASU
  6. kimsland Ex-TechSpotter Posts: 18,353

    Clear system restore points

    • Clear your existing system restore points and establish a new clean restore point:
      • Go to Start > All Programs > Accessories > System Tools > System Restore
      • Select Create a restore point, and Ok it.
      • Next, go to Start > Run and type in cleanmgr
      • Select the More options tab
      • Choose the option to clean up system restore and OK it.
      This will remove all restore points except the new one you just created.
     
  7. xxdanielxx Newcomer, in training Posts: 1,214

    Update your Java then try to run the scan again

    Update your Java Runtime Environment

    First try going to Start -> Control Panel -> double click Java
    Select the Update Tab at the top of the Java console
    Click the Check for Updates button at the bottom
    If it finds the newer version (Java 6 Update 7) Follow the on screen instructions (uncheck the yahoo toolbar option)
    After it installs the newest version Go back to Control Panel -> Add/remove programs (programs and features in vista)
    Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    Update your Java Runtime Environment
    Click the following link
    Java Runtime Environment 6 Update 7
    The 5th option down is the one you want (click Download)
    Check the box to agree to terms of service
    Check the box for your operating system and click 'Download selected' at the bottom
    After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_07 folder
  8. kimsland Ex-TechSpotter Posts: 18,353

    What link?
  9. dlee337 Newcomer, in training Posts: 28

    I have updated my Java and set my security setting to medium. I also disabled my firewall. Figured that was stopping it but it wasn't. The Trend Micro still won't load for some reason.
  10. xxdanielxx Newcomer, in training Posts: 1,214

    ok then try this one

    Please go HERE to run Panda's TotalScan
    • Select the bubble for Full scan
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • Then the scan will begin
    • When the scan completes, click the Save button on the right of Scan details
    • Save it to a convenient location. Post the contents of the TotalScan report
  11. dlee337 Newcomer, in training Posts: 28

    The link for panda totalscan you posted says
    An error occurred while processing your request.
    Reference #97.a6fc8d5.1217780545.349a935
  12. Blind Dragon TechSpot Evangelist Posts: 4,048

    Panda Online Scan
    • Please visit Panda Online Scanner
    • Click on "Scan your PC".
    • A new browser window will open with Panda ActiveScan.
    • Click the big "Check Now" button
    • Enter your Country, State/Province, e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    Note: If this is the first time you scanned your PC, you'll have to download the ActiveX controls (8 MB). The time it takes to download these can vary depending on your connection
    • Click on "Local Disks" to start the scan
    • Save the log file to your desktop
  13. dlee337 Newcomer, in training Posts: 28

    here is the log for panda
  14. Blind Dragon TechSpot Evangelist Posts: 4,048

    I would run this - then daniel can help you remove any leftovers that it misses

    SuperAntiSpyware Home Edition Free Version

    • Please download SuperAntiSpyware from HERE
    • Launch SuperAntiSpyware and click on 'Check for updates'.
    • Wait for the updates to be installed
    • On the main screen click on 'Scan your computer'.
    • Check: 'Perform Complete Scan' then click 'Next' to start the scan.
    • SuperAntiSpyware will now scan your computer; when it's finished it will list all/any infections found.
    • Make sure everything found has a checkmark next to it, then press 'Next'.
    • Click on 'Finish' when you're done.

      It's possible that the program will ask you to reboot in order to delete some files.

      Obtain the SuperAntiSpyware log as follows:
      Click on 'Preferences'.
      Click on the 'Statistics/Logs' tab.
      Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
      It will then open in your default text editor, such as Notepad.
      Attach the Notepad file here on your reply
  15. dlee337 Newcomer, in training Posts: 28

    Here is the SuperAntiSpyware log.
  16. dlee337 Newcomer, in training Posts: 28

    On IE the windows are freezing and take a long time to close out.
  17. kimsland Ex-TechSpotter Posts: 18,353

    This will not hurt the support being offered

    How to use Reset Internet Explorer Settings (RIES)

    To use RIES in Internet Explorer 7, follow these steps:

    1. Click the Tools menu, and then click Internet Options.
    2. On the Advanced tab, click Reset.
    3. In the Reset Internet Explorer Settings dialog box, click Reset.
    4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
    5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.

    Note: users who cannot start Internet Explorer 7 for some reason can use RIES from Internet Options in Control Panel.

    Please let me know if it helped.
  18. xxdanielxx Newcomer, in training Posts: 1,214

    Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only

    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    Then post a fresh hijackthis log
  19. dlee337 Newcomer, in training Posts: 28

    Ok ran the ATF Cleaner. Here is the HJ Log. Thanks
  20. kimsland Ex-TechSpotter Posts: 18,353

    I'd remove zeropop program
    Also RIES not run
    But xxdanielxx is more knowledgeable on this, I just like IE all clean