Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
      
 
 Closed TopicStart new topic
Browser and Desktop hijacked [RESOLVED], browser/desktop
panzer503
post Jun 30 2005, 04:24 PM
Post #1


Member
**
Posts: 19
OS: XP
Hello.

Both my browser and my desktop have been hijacked. Ive removed the games from system32 file. But cant get my desktop/browser up again. Currently useing Opera. Heres a copy of my Adware log.


Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, June 30, 2005 3:28:37 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R52 30.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SpywareNo(TAC index:7):10 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R47 24.05.2005
Internal build : 55
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\defs.ref
File size : 476246 Bytes
Total size : 1439523 Bytes
Signature data size : 1408291 Bytes
Reference data size : 30720 Bytes
Signatures total : 40174
CSI Fingerprints total : 886
CSI data size : 30371 Bytes
Target categories : 15
Target families : 679

6-30-2005 2:43:17 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R52 30.06.2005
Internal build : 60
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\defs.ref
File size : 485588 Bytes
Total size : 1468054 Bytes
Signature data size : 1436270 Bytes
Reference data size : 31272 Bytes
Signatures total : 40920
CSI Fingerprints total : 919
CSI data size : 31888 Bytes
Target categories : 15
Target families : 697


6-30-2005 2:45:27 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:61 %
Total physical memory:1048048 kb
Available physical memory:633388 kb
Total page file size:2484812 kb
Available on page file:2243044 kb
Total virtual memory:2097024 kb
Available virtual memory:2011388 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


6-30-2005 3:28:37 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 608
ThreadCreationTime : 6-30-2005 9:34:54 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 656
ThreadCreationTime : 6-30-2005 9:34:55 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 680
ThreadCreationTime : 6-30-2005 9:34:56 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 724
ThreadCreationTime : 6-30-2005 9:34:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 736
ThreadCreationTime : 6-30-2005 9:34:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 916
ThreadCreationTime : 6-30-2005 9:34:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1036
ThreadCreationTime : 6-30-2005 9:34:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1220
ThreadCreationTime : 6-30-2005 9:34:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1284
ThreadCreationTime : 6-30-2005 9:34:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1404
ThreadCreationTime : 6-30-2005 9:34:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1432
ThreadCreationTime : 6-30-2005 9:34:59 PM
BasePriority : Normal
FileVersion : 1.03.4
ProductVersion : 1.03.4
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:12 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1784
ThreadCreationTime : 6-30-2005 9:35:02 PM
BasePriority : Normal
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 532
ThreadCreationTime : 6-30-2005 9:35:04 PM
BasePriority : Normal
FileVersion : 5.0.18
ProductVersion : 5.0.18
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:14 [wkufind.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
ProcessID : 560
ThreadCreationTime : 6-30-2005 9:35:04 PM
BasePriority : Normal
FileVersion : 6.00.3215.0
ProductVersion : 6.00.3215.0
ProductName : Microsoft® Works 6.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Update Detection
InternalName : WkUFind
LegalCopyright : Copyright © Microsoft Corporation 1987-2001. All rights reserved.
OriginalFilename : WkUFind.exe

#:15 [itouch.exe]
ModuleName : C:\Program Files\Logitech\iTouch\iTouch.exe
Command Line : "C:\Program Files\Logitech\iTouch\iTouch.exe"
ProcessID : 568
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 2.15.264
ProductVersion : 2.15.264
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : © 1998-2002 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team

#:16 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 584
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:17 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 600
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 6.4
ProductVersion : QuickTime 6.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask.exe

#:18 [winampa.exe]
ModuleName : C:\Program Files\Winamp\winampa.exe
Command Line : "C:\Program Files\Winamp\winampa.exe"
ProcessID : 344
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal


#:19 [rundll32.exe]
ModuleName : C:\WINDOWS\System32\RUNDLL32.EXE
Command Line : "C:\WINDOWS\System32\RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
ProcessID : 632
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:20 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 648
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 4.7.2009
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:21 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 124
ThreadCreationTime : 6-30-2005 9:35:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:22 [wkcalrem.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe"
ProcessID : 948
ThreadCreationTime : 6-30-2005 9:35:06 PM
BasePriority : Normal
FileVersion : 6.00.1911.0
ProductVersion : 6.00.1911.0
ProductName : Microsoft® Works 6.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : Copyright © Microsoft Corporation 1987-2000. All rights reserved.
OriginalFilename : WKCALREM.EXE

#:23 [sysdoc32.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
Command Line : "C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\SYSDOC32.EXE" /STARTUP
ProcessID : 956
ThreadCreationTime : 6-30-2005 9:35:06 PM
BasePriority : Idle
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton System Doctor
InternalName : SYSDOC32
LegalCopyright : Copyright © 2003 Symantec Corporation
OriginalFilename : SYSDOC32.EXE

#:24 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe"
ProcessID : 964
ThreadCreationTime : 6-30-2005 9:35:06 PM
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : Calendar Checker Application
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-1999.Ulead Systems, Inc.
LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:25 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : svchost.exe
ProcessID : 1024
ThreadCreationTime : 6-30-2005 9:35:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:26 [ghosts~2.exe]
ModuleName : C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
Command Line : C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
ProcessID : 1360
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 2003.775
ProductVersion : 2003.775
ProductName : Norton Ghost Start Service
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartService
LegalCopyright : Copyright © 1998-2002 Symantec Corp. All rights reserved.
OriginalFilename : GhostStartService.exe

#:27 [stchost.exe]
ModuleName : C:\WINDOWS\stchost.exe
Command Line : C:\WINDOWS\stchost.exe
ProcessID : 1560
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal


#:28 [navapsvc.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe"
ProcessID : 1664
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:29 [nprotect.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
Command Line : "C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE"
ProcessID : 1680
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:30 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : C:\WINDOWS\System32\nvsvc32.exe
ProcessID : 1424
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 6.14.10.7730
ProductVersion : 6.14.10.7730
ProductName : NVIDIA Driver Helper Service, Version 77.30
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 77.30
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:31 [persfw.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall\persfw.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall\persfw.exe"
ProcessID : 1820
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 2, 1, 5, 0
ProductVersion : 2, 1, 5, 0
ProductName : Kerio Personal Firewall
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall Engine
InternalName : PERSFW
LegalCopyright : Copyright © 2002
OriginalFilename : PERSFW.exe

#:32 [nopdb.exe]
ModuleName : C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
Command Line : C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
ProcessID : 1620
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal
FileVersion : 7.00.0.24
ProductVersion : 7.00.0.24
ProductName : Norton Speed Disk
CompanyName : Symantec Corporation
FileDescription : NOPDB
InternalName : NOPDB
LegalCopyright : Copyright © 2002
OriginalFilename : NOPDB.dll

#:33 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 2000
ThreadCreationTime : 6-30-2005 9:35:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:34 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 2032
ThreadCreationTime : 6-30-2005 9:35:11 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:35 [ad-aware.exe]
ModuleName : C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
Command Line : "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe" /598853 +483832
ProcessID : 2744
ThreadCreationTime : 6-30-2005 9:43:04 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:36 [opera.exe]
ModuleName : C:\Program Files\Opera7\opera.exe
Command Line : "C:\Program Files\Opera7\opera.exe"
ProcessID : 1728
ThreadCreationTime : 6-30-2005 10:17:08 PM
BasePriority : Normal
FileVersion : 3218
ProductVersion : 7.21
ProductName : Opera Internet Browser
CompanyName : Opera Software
FileDescription : Opera Internet Browser
InternalName : Opera
LegalCopyright : Copyright © Opera Software 1995-2003
OriginalFilename : Opera.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


SpywareNo Object Recognized!
Type : File
Data : A0133521.exe
TAC Rating : 7
Category : Misc
Comment :
Object : C:\System Volume Information\_restore{DC4C78C7-976B-4678-8F4C-61208B82CA4A}\RP419\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SpywareNo Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\system
Value : Wallpaper

SpywareNo Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\desktop\general
Value : WallpaperLocalFileTime

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoAddingComponents
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoChangingWallpaper
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoComponents
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoEditingComponents
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoHTMLWallPaper
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\explorer
Value : ClassicShell
Data : 0

SpywareNo Object Recognized!
Type : RegData
Data : 0
TAC Rating : 7
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\explorer
Value : NoActiveDesktop
Data : 0

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 10

3:41:25 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:48.343
Objects scanned:155699
Objects identified:10
Objects ignored:0
New critical objects:10

This post has been edited by panzer503: Jun 30 2005, 04:52 PM
Go to the top of the page
 
+Quote Post
Rawe
post Jun 30 2005, 04:53 PM
Post #2


Visiting Staff
Group Icon
Posts: 4,746
From: Finland
OS: XP Home - SP2
Hello and welcome!
AAW has no power for this infection you have, because you have an virus/trojan there, as Ad-aware isn't anti-virus software.
#:27 [stchost.exe]
FilePath : C:\WINDOWS\
ProcessID : 1560
ThreadCreationTime : 6-30-2005 9:35:10 PM
BasePriority : Normal

(well, in addition to spyware you also have..)
Wait for an mod to come and move this topic to Malware removal forum.
You have to download HiJackThis v 1.99.1 and install it.
(Please do note, that unzip it to an permanent folder such as C:\HJT. Then you will have access to back ups.)
When installed, launch it and hit "Do a full system scan and save the logfile".
Once the scan has finished, a notepad file will open with a log. Please copy & paste all of it's content to your next reply to this thread.
When you have posted it, someone from our HJT staff will come and help you with your problems..

Mean while you're waiting,
run couple of these free online A/V scans here;
- RAV
- Kaspersky
- BitDefender
- Jotti Virusscan

And one of the following free anti-trojan scans;

- A2 <- Free Trojan scanner
- Trojan Hunter <-- 30 days free trial.


- Rawe thumbsup.gif
Go to the top of the page
 
+Quote Post
panzer503
post Jun 30 2005, 07:10 PM
Post #3


Member
**
Posts: 19
OS: XP
Wow, thanks for the quick reply! Here's a copy of my HJT log. Im also running the online virus scans.

Logfile of HijackThis v1.99.1
Scan saved at 6:07:49 PM, on 6/30/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\WINDOWS\stchost.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera7\opera.exe
C:\Documents and Settings\psyklops\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} - C:\WINDOWS\System32\zolker001.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} - C:\WINDOWS\System32\ztoolb001.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Printer Spooler] C:\WINDOWS\System32\winspooler.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe
O21 - SSODL: LiveReg - {EAF0F8E0-E338-C706-2883-49086EC3F47A} - c:\program files\common files\symantec shared\livereg\xnzww32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: stchost.exe (moto) - Unknown owner - C:\WINDOWS\stchost.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Go to the top of the page
 
+Quote Post
Kat
post Jul 4 2005, 02:13 PM
Post #4


Faerie Kitty Geek
Group Icon
Posts: 17,753
From: Crawfordsville, IN
OS: XP Pro
Hello and welcome to GeeksToGo! My name is Kat, and I will be helping you. I apologize for the delay in getting to you. blushing.gif

Please download ewido security suite it is a trial version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will prompt you to update click the OK button
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
The update will start and a progress bar will show the updates being installed.
Once the updates are installed do the following:
  • Click on scanner
  • Make sure the following boxes are checked before scanning:
    • Binder
    • Crypter
    • Archives
  • Click on Start Scan
  • Let the program scan the machine
While the scan is in progress you will be prompted to clean files, click OK

Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report
  • Save the report to your desktop
Reboot your machine and post back a new HJT log and the ewido .txt log file you saved by using Add Reply
Go to the top of the page
 
+Quote Post
Kat
post Jul 4 2005, 02:14 PM
Post #5


Faerie Kitty Geek
Group Icon
Posts: 17,753
From: Crawfordsville, IN
OS: XP Pro
I forgot to mention that like most everyone...I will be leaving soon to go see fireworks. I will check back in later tonight to see if you've replied! I have subscribed to this thread, so I will know when you make a reply! spoton.gif
Go to the top of the page
 
+Quote Post
panzer503
post Jul 4 2005, 07:18 PM
Post #6


Member
**
Posts: 19
OS: XP
Hope you had fun with the firewoks! : ) I believe that my comp was used as a server for warez... Everything was hidden in C:\documents\psyklops\Complete folder. The problem was taht the folder was hidden. Is it possible to reveal such a file on my computer again in the future? *scratches head*


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:13:04 PM, 7/4/2005
+ Report-Checksum: 75676CDB

+ Scan result:

C:\Documents and Settings\psyklops\Complete\1st Security Agent v6.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\1st Security Agent with 1st Screen Lock.v6.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\1st Security Agent with IE Internet Security.v6.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\3D Formula 1 Screensaver v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\3d Studio Max 7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\3d Ultra Pinball Thrillride.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\3DMark 2005 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ABBYY FineReader Professional Edition 7.0.0.1007.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Ability Office v4.9.000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ACD Systems Canvas X Build 899.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Acronis True ImageTrue Image Server 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ActiveState Expect.v1.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Adobe GoLive CS2 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Adobe Illustrator CS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Adobe PageMaker 7.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Advanced Security Administrator v10.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AdvancedPicHunter 20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Adware Spyware Removal 5.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AdwareX Eliminator 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AirStrike 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Alias Maya Unlimited v6.5 for Windows.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AlienAbduction 1200.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\All Swish Products.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ALO Audio CD Ripper 1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ALO Audio CD Ripper v1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Anti-[bleep] .v7.0.6.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AnyDVD 4.5.7.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\AnyDVD 5.1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ApBackUp 2.5.1591.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Apollo DVD Copy 4.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Apollo DVD Copy 4.3.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Apollo DVD Copy v4.3.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Apycom Java Menus and Buttons v5.00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Ashampoo Photo Commander v3.50.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Ashampoo WinOptimizer Platinum Suite 2 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Ashampoo WinOptimizer Platinum Suite 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ASPMaker v4.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Avast Professional 4.5.546.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Avast Professional 4.5.561.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Baby Album, Basic.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Batch Script Processor 3.08 for AutoCAD.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Battlefield 2 Reloaded iSO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Battlefield 2 Reloaded.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Battlefield 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Black Pirate Fs 1.0 2005 Sneaky Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Blaze DVD Copy 3.5.9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Blaze DVD Copy v3.5.9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Blaze Media Pro 5.18.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Blindwrite 5.2.10.142.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Borland C++ Builder Enterpris.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Broken Cross Disk Manager v3.62 Pro + Re.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\BurnerSoft Easy DVD Shrink 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\CA eTrust EZ Antivirus 2005 7.0.7.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Catalyst SocketTools Visual Edition v4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Celemony Melodyne Uno 1.1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Cheetah Commandline Burner 1.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Cinderella Man (Good Quality).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Circuitmaker 2000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Clean Disk Security v7.45.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\CleanCenter 1.34.60.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\ClockShop Lite v1.1.0.363.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Commandos 3 Destination Berlin.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Corel Designer Technical Suite v12.0 ful.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Corel Designer Technical Suite.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\CorelDRAWÂ Graphics Suite 12.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DefencePlus 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Dekart Logon v2.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Digital Light & Color Picture Window Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DivX 6.0 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Downtime Manager v4.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DSL Speed 2.08.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DVD Encoder 2.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DVD Region-CSS Free 5.58.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DvdComposer v1.0.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DVDComposer v1.03.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DVDFab Platinum 2.52.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\DVDIdle Pro 5.58.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Easy DVD CD Burner 3.0.51.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Easy DVD CD Burner v3.0.51.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\eMule 0.46a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\EShopper Deluxe v2.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Eudora Automation Tool v2.0.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\EVEREST Professional 1.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\EVEREST Ultimate Edition 2005 2.01.347.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Farstone VirtualDrive v9.0 Incl Serial.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Final Fantasy 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Firegraphic 8.0.803.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Flash Renamer 4.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\FolderShine v1.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Foxit PDF Reader 1.3.2 Build 0701 Beta.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\FTP Voyager 12.1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\FTPEditor Pro 3.2.2.435.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Game XP 1.5.6.29.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\GameBoost 1.6.20.2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Gangsters 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Genie Backup Manager Professi.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\GMail Drive 1.0.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Golden Keywords v4.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\GrabFile 3.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Grand Theft Auto San Andreas PC iSO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Grand Theft Auto San Andreas [PC].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\GroundControl 3.32.176.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Hacker 2005 The Broken Link.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Halflife 2 iSO EMPORIO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Hidden Cameras 2.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Hitman 3 Contracts.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\HomeRoom v1.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\HWDirect 1.66.0.25.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\IE Password v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Indecent Proposal softEROTICA.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Installshield 10.5 Premier.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Internet Download Manager 4.05.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\IP-Tools 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\iPodSoft iPod Agent v1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\IPodSoft MarkAble v1.1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Ipswitch WS_FTP Professional 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Jay-Z - The Red Album.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Jumeogi Unda DVD Rip Xvid.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Jumeogi Unda.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kaspersky Antivirus Personal.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kicking And Screaming SVCD.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kingdia Dvd Ripper Professional 2.4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kingdia DVD Ripper Professional 2.4.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kingdom of Heaven Xvid.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Kingdom of Heaven.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Klonsoft MP3 to WAV Converter v2.50.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Learn to play Guitar - GCHGA unit2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Limewire Pro 4.8.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\LinkStash 1.6.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Longhorn Transformation Pack 10.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Longhorn Transformation Pack 10.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Magic ISO Maker 4.5.116.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\MagicTweak 2.80.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\MaxPayne I.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Medal Of Honor European Assault PS2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Medal Of Honor European Assault.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\MediaMonkey v2.4.1.872.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Microsoft AntiSpyware 1.0.613 Beta 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Microsoft Windows Longhorn 50.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Midnight Club 3 DUB Edition W-ALL.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\MindHunters Xvid.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\MindHunters.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Mr. & Mrs. Smith Xvid.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Mr. &amp; Mrs. Smith.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Nero Media Player 1.4.0.25.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Newsleecher - V2.3 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\No 1 Video Converter 3.8.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Nvidia nTune 2005 Retail.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\nVidia nTune 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\OkPress 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\OpenOffice.org 2.1 Beta for Windows (Snapshot Build 1.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PartitionMagic 8.05.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PC Auto Shutdown v1.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PC OMR v6.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PC Repair - V2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PC Repair 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PCBoost v3.6.20.2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PDF Filler Pilot 1.18.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PDF Filler Pilot 1.22.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PDF Maker Pilot v1.22 Cracked.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PECompact 2.60.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pendulum - Hold Your Colour (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Personal Internet Phone Equipment 2.72.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PerspecX version 1.0 i.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Photobuilder Platinum Version 5.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PhotoWatermark Pro 6.0.5.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PhotoWatermark Professional v6.0.5.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pink Floyd - Full Discography.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pinnacle Studio Plus 9.4.3.56.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pinnacle TitleDeko Pro 2.0.1634.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Plato DVD Ripper 1.2 & Plato DVD Ripper.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Polybytes PolyView 4.251.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pop up Blocker Pro v7.0.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pop-Up Stopper Professional v1.8.1000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Post Impact DVD Rip Xvid French.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Post Impact.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PowerPoint2DVD v2.24.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Privacy Shield 3.0.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Profab_Elite_with_Laser v7.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pure CD Ripper 3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Pure Motion Edit Studio Pro v5.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\PureBeautyMag.Daily.Issue.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Quake III - Urban Terror 3.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Raxco PerfectDisk 7.0 Build 42.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Registry Repair 1.42.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\Remote Installer v1.3.74.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\psyklops\Complete\River Past Audio Conv