# C:\WINDOWS\mrofinu572.exe



## greenennifer (Jan 23, 2008)

HI,
I've tried scanning with ad-aware, ewido and bitdefender but it didn't remove it. I tried downloading Smitfraudit, but my computer wouldn't let me or allow me to download a few other anti-virus softwares (my security is on low right now). OTMoveIt said that C:\WINDOWS\mrofinu572.exe didn't exist. I tried to restore my computer, however it won't let me go past the time/day that i was infected.
When I search my computer in my docs and folders C:\WINDOWS\mrofinu572.exe comes up. Any suggestions?


----------



## tetonbob (Jan 10, 2005)

Follow the instructions in the sticky:

http://www.techsupportforum.com/f112/if-you-think-your-computer-is-infected-203704.html


----------



## greenennifer (Jan 23, 2008)

Gday again. Here is my log from the ActiveScan that I just did. Before I started the scan I got rid of Ewido and Ad Aware, however forgot about SmitfraudFix. (thanks for helping me out, I really, really appreciate it)ray:

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\vtsqq.exe 
Virus:Trj/Downloader.SCO Disinfected Operating system 
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\vtsqq.dll 
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][1].txt 
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][1].txt 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Cookies\[email protected][2].txt 
Virus:Trj/Downloader.SCO Disinfected C:\Documents and Settings\Jennifer Walker.D2YL5S91\Local Settings\Temp\TMP20.tmp 
Potentially unwanted tool:Application/Processor Not disinfected C:\Downloads\SmitfraudFix.zip[SmitfraudFix/Process.exe] 
Virus:Trj/Rebooter.J Disinfected C:\Downloads\SmitfraudFix.zip[SmitfraudFix/Reboot.exe] 
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Downloads\SmitfraudFix.zip[SmitfraudFix/restart.exe] 
Adware:Adware/DnsInsider Not disinfected C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe 
Virus:Trj/Rebooter.J Disinfected C:\Program Files\SmitfraudFix\Reboot.exe 
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Program Files\SmitfraudFix\restart.exe 
Virus:Trj/Downloader.SCO Disinfected C:\WINDOWS\mrofinu.exe 
Virus:Trj/Downloader.PLF Disinfected C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe


----------



## tetonbob (Jan 10, 2005)

Hi -

The idea behind the stickys is to have you create a new thread in the HijackThis Log help forum, not here. 

http://www.techsupportforum.com/forumdisplay.php?f=50

Logs are not analyzed in this forum, and we don't want them posted here.

http://www.techsupportforum.com/sec...-not-post-your-hijackthis-logs-here-span.html


Please create a new topic in the HijackThis Log Help forum, and include all the requested logs, Panda online scan, and Deckard's System Scanner.


Thanks.


----------

