Internet Explorer & My Documents won't open [RESOLVED]

Hi and welcome to GeeksToGo! My name is Sam and I will be helping you.

Please download Ewido Security Suite it is a trial version of the program.

• Install ewido security suite
• When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
• Launch ewido, there should be an icon on your desktop double-click it.
• The program will now go to the main screen

You will need to update ewido to the latest definition files.

• On the left hand side of the main screen click update
• Then click on Start Update

The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
http://www.ewido.net...wnload/updates/

Once the updates are installed do the following:

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• While the scan is in progress you will be prompted to clean files, click OK
• When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop.

Now close ewido security suite.


Reboot your computer and post a new hijackthis log and the log from Ewido.

Thank you for helping
Now I can open Internet explorer and such, here is my scan report and hijack this log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 8:26:19 AM, 8/1/2005
+ Report-Checksum: 886AF887

+ Scan result:

HKLM\SOFTWARE\AutoLoader -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\AutoLoader\os0c1QLTXIXa -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\AutoLoader\os0q1QLTXIXa -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5AB638F-D76C-415B-A8F2-F3CEAC502212} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{B548B7D8-3D03-4AED-A6A1-4251FAD00C10} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{B99A727F-0782-4A71-BCC2-6E1E66414904} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{016235BE-59D4-4CEB-ADD5-E2378282A1D9} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy -> Spyware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy\Update -> Spyware.SearchRelevancy : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Apropos -> Spyware.AproposMedia : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6CB0-410C-8C3D-8FA8D2011D0A} -> Spyware.iMesh : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{016235BE-59D4-4CEB-ADD5-E2378282A1D9} -> Spyware.AproposMedia : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D7E3B41-23CE-469B-BE1B-A64B877923E1} -> Spyware.BlazeFind : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{339BB23F-A864-48C0-A59F-29EA915965EC} -> Spyware.HuntBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36A59337-6EEF-40AE-94B1-ED443A0C4740} -> Spyware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{386A771C-E96A-421F-8BA7-32F1B706892F} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6685509E-B47B-4F47-8E16-9A5F3A62F683} -> Spyware.MoneyMaker : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} -> Spyware.YourSiteBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79849612-A98F-45B8-95E9-4D13C7B6B35C} -> Spyware.Crazywinnings : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87766247-311C-43B4-8499-3D5FEC94A183} -> Spyware.HuntBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8952A998-1E7E-4716-B23D-3DBE03910972} -> Spyware.HuntBar : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -> Spyware.MoneyTree : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0} -> Spyware.Webhancer : Cleaned with backup
HKU\S-1-5-21-2743728672-3134376168-3156483829-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} -> Spyware.BargainBuddy : Cleaned with backup
[1940] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Cleaned with backup
[1796] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1868] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1896] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1908] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1916] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1640] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[208] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[252] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[384] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[592] C:\WINDOWS\system32\sndcfg16.exe -> Worm.Krepper.c : Cleaned with backup
[632] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[1188] C:\WINDOWS\system32\363c17ob.exe -> Adware.Saha : Cleaned with backup
[1204] C:\Program Files\czle7993\czle7993.exe -> Spyware.ClearSearch : Cleaned with backup
[1256] C:\Program Files\Media Gateway\MediaGateway.exe -> Spyware.WinAD : Cleaned with backup
[2092] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[2120] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[2152] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[2464] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[2552] C:\WINDOWS\system32\eck7qbec.dll -> Adware.SAHA : Error during cleaning
[3576] C:\Program Files\Aprps\WinGenerics.dll -> Spyware.AproposMedia : Cleaned with backup
C:\a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-1237e05d-66456739.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@a-1shz2prbmdj6wvny-1sez2pra2dj6wjkokodpsdog-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@a-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1ocjcepaqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@addcontrol[1].txt -> Spyware.Cookie.Addcontrol : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@pro-market[2].txt -> Spyware.Cookie.Pro-market : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wfloajdjihpqqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjk4whd5alpgidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkoojajwcqqydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkykkajcaqaudj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkysgcpohpg2dj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlikgdpkboqidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjliuhd5maqaidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlowkdjcgpwqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlycpazshqaydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\AutoUpdate0\auto_update_install.exe -> Spyware.AproposMedia : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2DOZQ961\SinglesSetup-dm[1].exe -> Spyware.Trymedia : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2VMRAD8B\greatfilmquotes[1].htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8TMRKLE7\EmilyGilmore[1].htm -> Backdoor.IRC.Sitex : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\A5OZ0PEL\moments00[1].htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\IL745KNI\topquotes2[1].htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O5ENKDYF\adscripts[1].js -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O5ENKDYF\worstquotes[1].htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YHDABYLO\RoryGilmore[1].htm -> Backdoor.IRC.Sitex : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Ad-aware Pro Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Acrobat Reader crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Golive v6.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Illustrator v10.0 Time Limit Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe ImageReady v1.0 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe PageMaker v7.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Photoshop 7 keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Photoshop all.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Adobe Serial Generator v2.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Age of Empires II The Age of Kings NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Age Of Mythology - The Titans no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Age Of Mythology no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Alias Acclaim crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\All Macromedia Products Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Anti-Trojan 4.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Avant Browser.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Backyard Baseball 2003 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Battlefield 1942 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Battlefield Vietnam EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Battlefield Vietnam Multiplayer Online Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Besieger Strategy DreamCatcher Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Blinx 2 - Masters of Time & Space Microsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Blitzkrieg - Burning Horizon Strategy CDV Software GmbH crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Call of Duty Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Call Of Duty no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\City of Heroes Role-Playing NCsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Civilization III crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Classic NES Series - The Legend of Zelda GBA Role-Playing Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\CloneDVD v1.x crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Command & Conquer - Generals no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Command & Conquer - Generals Zero Hour no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Command & Conquer - Generals Zero Hour Strategy EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Counter-Strike Condition Zero Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Credit card generator.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Crusader Kings Strategy Paradox Entertainment crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Cubase Audio XT 3.X crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dark Age Of Camelot - Trials Of Atlantis no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dark Matter - The Baryon Proj crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Deus Ex Invisible War NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Diablo 2 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\DivX Player and Codec.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Doom 3 Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Doom 3 NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Download Accelerator Plus (spyware free).exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dragon Ball Z - Budokai 3 Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dragon Warrior VIII Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\DRIV3R Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dungeon Lords Role-Playing DreamCatcher Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Dungeon Siege no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Enter the Matrix Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\ESPN NFL 2K5 Sega crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\F.E.A.R. VU Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Fable Role-Playing Microsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Far Cry Ubisoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Final Fantasy VII - Advent Children PSP Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Final Fantasy XI - Square Enix USA no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Final Fantasy XII Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Fire Emblem - Seima no Kouseki GBA Role-Playing Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP 2 RC2 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP v1.4.1 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP v1.4.3 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP v2.0 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP v2.1 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashFXP v2.2 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\FlashGet.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Forgotten Realms - Demon Stone Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Forgotten Realms - Demon Stone crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Freedom Force no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Front Mission 4 Strategy Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Full Spectrum Warrior Strategy THQ crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Geist GC Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Goblin Commander - Unleash the Horde Strategy Jaleco Entertainment crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Gran Turismo 4 SCEA crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Grand Theft Auto - San Andreas Rockstar Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Grand Theft Auto 3 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Grand Theft Auto III no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Grand Theft Auto San Andreas NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Grand Theft Auto Vice City NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\GTA crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Half-Life 2 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Half-Life 2 NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Half-Life 2 VU Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Halo - Combat Evolved - Microsoft no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Halo 2 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Harry Potter & The Sorcerers Stone no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Harry Potter and the Prisoner of Azkaban Adventure EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Harry Potter and the Sorcerers Stone no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Heroes of Might & Magic IV no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Hidden & Dangerous 2 NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Icewind Dale 2 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\ICQ 4.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\ICQ Pro 2003b.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\iMesh patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Jedi Academy NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Joint Operations - Typhoon Rising NovaLogic crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Juiced Acclaim crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Kingdom Hearts II Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Knights Apprentice Memoricks Adventures Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\LimeWire server scanner.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia ColdFusion MX crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Contribute v2.0 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Director 8 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Dreamweaver 4.0 Patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Dreamweaver MX v6.0 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Dreamweaver UltraDev 4.0 Patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Fireworks 4.0 Patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Flash All Versions keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Flash MX v6.0 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia Flash SWF-Unprotect v2.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Macromedia FreeHand v10 Loader.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Madden NFL 2003 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Madden NFL 2005 EA crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Mafia no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Malice Mud Duck Productions crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Mario Pinball Land GBA Puzzle Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Mario Tennis GC Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Matrix Screensaver.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Max Payne 2 Fall Of Max Payne no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Max Payne 2 NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Max Payne 2 The Fall of Max Payne NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MaxPayne 2 The Fall Of Max Payne Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\McFarlanes Evil Prophecy Konami crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medal Of Honor - Allied Assault no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medal Of Honor - Allied Assault BreakThrough no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medal Of Honor - Allied Assault no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medal of Honor Pacific Assault EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medal of Honor- Allied Assault no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Medieval - Total War no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Mega Man Anniversary Collection GC Capcom crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Metal Gear Acid PSP Strategy Konami crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Metal Gear Solid 3 - Snake Eater Konami crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Flight Simulator 2004 - A Century Of Flight no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office 2000 Regmaker.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office XP Activation Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office XP Activation Killer.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office XP Professional Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office XP Professional Serial.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Microsoft Office XP Universal Activator v1.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Midnight Club 3 - DUB Edition Rockstar Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\mirc 6.1x reg entries.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\mIRC 6.X crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Morpheus patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MS Office XP Activation Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MS Zoo Tycoon no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MSN advert remover.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MSN Toolbar advert remover.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\MVP Baseball 2004 EA crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\NBA Live 2003 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\NBA Live 2004 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\NCAA Football 2005 EA crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need For Speed 5 - no cd.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed Hot Pursuit 2 CD KeyGenerator.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for speed underground - nocd.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed Underground 2 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed Underground 2 Electronic Arts crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed Underground 2 NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed Underground NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Need for Speed4 - NOCD.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\NeedforspeedUnderground-nocd.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Nero Burning ROM v6.x crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Ninja Gaiden Tecmo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Norton AntiVirus 2004 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Onimusha 3 - Demon Siege Adventure Capcom crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Psi-Ops - The Mindgate Conspiracy Midway crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Purge Jihad Freeform Interactive LLC crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\RealPlayer crack (keygen).exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Red Dead Revolver Rockstar Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Resident Evil 4 GC Adventure Capcom crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Rise of Nations - Thrones & Patriots Strategy Microsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\RoboForm crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Roller Coaster Tycoon no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\RYL crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Second Life Role-Playing Linden Lab crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Shadow Ops - Red Mercury Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\ShellShock - Nam 67 Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Silent Storm - Sentinels Strategy _No Company crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Sim City 4 - Rush Hour no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Sim City 4 Deluxe no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Sim Theme Park World no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Singles - Flirt Up Your Life Strategy Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Snood crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Snowblind Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Soldier of Fortune II- Double Helix no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\SolSuite 2004 - Solitaire Card Games Suite crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Sonic the Hedgehog 3 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Spider-Man 2 Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Spider-Man 2 GC Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Sponge Bob Square Pants - Operation Krabby Patty no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Spybot Search and Destroy.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars - Jedi Knight - Jedi Academy no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars - Knights of the Old Republic Role-Playing LucasArts crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars Galactic Battlegrounds- Clone Campaigns no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars Jedi Knight II - Jedi Outcast no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars Jedi Knight II- Jedi Outcast no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Star Wars Knights of the Old Republic II - The Sith Lords Role-Playing LucasArts crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Starcraft - Battlechest no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Chronicles of Riddick - Escape From Butcher Bay VU Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Elder Scrolls III - Morrowind Game of the Year Edition Role-Playing Bethesda Softworks crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Legend of Zelda (working title) GC Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Legend of Zelda - Four Swords Adventures GC Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Legend of Zelda - The Minish Cap GBA Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Lord of the Rings The Battle for Middle-earth Strategy EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Lord of the Rings The Return of The King crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Hot Date Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Makin Magic Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Superstar Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Unleashed Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Vacation Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Hot Date Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims - Vacation Expansion Pack no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims 2 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims Deluxe no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims Deluxe no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims Double Deluxe no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Sims- Vacation no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Suffering Encore Software Inc. crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\The Suffering Midway crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Thief - Deadly Shadows Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tiger Woods PGA Tour 2004 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tom Clancy's Splinter Cell Pandora Tomorrow crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tom Clancys Ghost Recon - Desert Siege no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tom Clancys Splinter Cell Pandora Tomorrow Ubisoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tom Clancys Splinter Cell Ubisoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Tony Hawks Underground crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Trillian crasher.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Unreal Tournament 2003 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Unreal Tournament 2004 Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Unreal Tournament 2004 crack (keygen).exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Unreal Tournament 2004 NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Vampire - The Masquerade - Bloodlines Role-Playing Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\VirtualLab Data Recovery crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Warcraft III - Reign Of Chaos no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Warez P2P.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Webroot Spy Sweeper.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\windows server 2003 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Windows XP Activation Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Windows XP home edition Activation.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Windows XP Professional crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinRAR crack (keygen).exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip All Versions keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Winzip keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip Self-Extractor v2.2 keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip Self-Extractor v2.2 Patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip v8.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip v8.x - v9.x patch.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZIP v9.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WinZip v9.0 Registration.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\World of Warcraft Role-Playing Blizzard Entertainment crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Worms Armageddon NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WWE Day of Reckoning GC THQ crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\WWE SmackDown! vs. Raw THQ crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\XBOX X-Fer Ripper and Transfer.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Yoshinoya Success crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\ZoneAlarm crack (keygen).exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Zoo Tycoon - Complete Collection no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Zoo Tycoon no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Owner\Shared\Zoo Tycoon- Dinosaur Digs no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Ad-aware Pro Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Acrobat Reader crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Golive v6.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Illustrator v10.0 Time Limit Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe ImageReady v1.0 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe PageMaker v7.0 Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Photoshop 7 keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Photoshop all.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Adobe Serial Generator v2.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Age of Empires II The Age of Kings NO CD crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Age Of Mythology - The Titans no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Age Of Mythology no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Alias Acclaim crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\All Macromedia Products Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Anti-Trojan 4.0.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Avant Browser.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Backyard Baseball 2003 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Battlefield 1942 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Battlefield Vietnam EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Battlefield Vietnam Multiplayer Online Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Besieger Strategy DreamCatcher Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Blinx 2 - Masters of Time & Space Microsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Blitzkrieg - Burning Horizon Strategy CDV Software GmbH crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Call of Duty Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Call Of Duty no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\City of Heroes Role-Playing NCsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Civilization III crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Classic NES Series - The Legend of Zelda GBA Role-Playing Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\CloneDVD v1.x crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Command & Conquer - Generals no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Command & Conquer - Generals Zero Hour no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Command & Conquer - Generals Zero Hour Strategy EA Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Counter-Strike Condition Zero Keygen.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Credit card generator.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Crusader Kings Strategy Paradox Entertainment crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Cubase Audio XT 3.X crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dark Age Of Camelot - Trials Of Atlantis no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dark Matter - The Baryon Proj crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Deus Ex Invisible War NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Diablo 2 no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\DivX Player and Codec.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Doom 3 Activision crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Doom 3 NO CD Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Download Accelerator Plus (spyware free).exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dragon Ball Z - Budokai 3 Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dragon Warrior VIII Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\DRIV3R Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dungeon Lords Role-Playing DreamCatcher Interactive crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Dungeon Siege no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Enter the Matrix Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\ESPN NFL 2K5 Sega crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\F.E.A.R. VU Games crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Fable Role-Playing Microsoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Far Cry Ubisoft crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Final Fantasy VII - Advent Children PSP Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Final Fantasy XI - Square Enix USA no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Final Fantasy XII Role-Playing Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Fire Emblem - Seima no Kouseki GBA Role-Playing Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP 2 RC2 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP v1.4.1 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP v1.4.3 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP v2.0 Crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP v2.1 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashFXP v2.2 crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\FlashGet.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Forgotten Realms - Demon Stone Atari crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Forgotten Realms - Demon Stone crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Freedom Force no cd crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Front Mission 4 Strategy Square Enix crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Full Spectrum Warrior Strategy THQ crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Geist GC Nintendo crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Goblin Commander - Unleash the Horde Strategy Jaleco Entertainment crack.exe -> Worm.Krepper.c : Cleaned with backup
C:\Downloads\Gran Turismo 4 SCEA crack.exe -> Worm.

I don't see your hijackthis log in that post. But that's a monster Ewido log.

In light of how badly you were infected please run this online virus scan.

Panda Virus Scan

There may be files that this scan will not remove. Please include that information in your next post.


Reboot and post a new hijackthis log and the info from your virus scan.

Sorry, I pasted it but I didn't notice that it got cut off at the end.
Here are BOTH now:


Incident Status Location

Adware:adware/wupd No disinfected C:\WINDOWS\SYSTEM32\ide21201.vxd
Adware:adware/ncase No disinfected C:\TEMP\salmau.dat
Adware:adware/keenvalue No disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
Adware:adware/apropos No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\cfout.txt
Adware:adware/ipinsight No disinfected C:\WINDOWS\INF\conscorr.inf
Adware:adware/quicksearch No disinfected C:\PROGRAM FILES\QuickSearch
Adware:adware/searchrelevancy No disinfected C:\PROGRAM FILES\SearchRelevant
Adware:adware/sahagent No disinfected C:\WINDOWS\SYSTEM32\SahImages
Adware:adware/ilookup No disinfected C:\WINDOWS\iLookup
Adware:adware/savenow No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\MAGNET
Adware:adware/exactsearch No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ACTIVEX COMPATIBILITY\{53F066F0-A4C0-4F46-83EB-2DFD03F938CF}
Spyware:spyware/cws.olehelp No disinfected HKEY_CLASSES_ROOT\APPID\BHO.DLL
Spyware:spyware/bargainbuddy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\BARGAINBUDDY
Spyware:spyware/dyfuca No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\INTERNET OPTIMIZER
Adware:adware/mediatickets No disinfected HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
Adware:adware/topmoxie No disinfected HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\extensions\CmdMapping\{6685509E-B47B-4f47-8E16-9A5F3A62F683}
Adware:Adware/Apropos No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\AutoUpdate0\setup.inf
Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\res41A0.tmp
Spyware:Spyware/YourSiteBar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2DOZQ961\CA67W5QV.HTM
Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8TMRKLE7\marketing14[1].htm
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLENOLAB\CA4D6ZGL.HTM
Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLENOLAB\init[1].js
Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLENOLAB\init[2].js
Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLENOLAB\init[3].js
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLENOLAB\prompt[1].htm
Virus:W32/Oscarbot.C.worm Disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\LVZHRXZO\pictures@gallery[1].com
Adware:Adware/Apropos No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\VBDFJ9K4\AproposClientInstaller[1].exe
Adware:Adware/Apropos No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WTIF0PIZ\AproposClientInstaller[1].exe
Adware:Adware/Apropos No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\X379NHZK\status[1]
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Y7EBE98X\CAN64V3T.HTM
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Y7EBE98X\CAODUJSP.HTM
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Y7EBE98X\CATCMH9B.HTM
Spyware:Spyware/XXXToolbar No disinfected C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Y7EBE98X\prompt[1].htm
Adware:Adware/Apropos No disinfected C:\Program Files\Aprps\ProxyStub.dll
Adware:Adware/Apropos No disinfected C:\Program Files\Aprps\pstub0\proxystub.dll
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\66908350.exe
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\cjra7v2v.DLL
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\czle79931\czle79931.dll
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\czle79931\czle79931.exe
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\fwrhiyjk.DLL
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\p01f1k3u.DLL
Spyware:Spyware/ClearSearch No disinfected C:\Program Files\czle7993\vxa1uh0f.DLL

Hijack This:
Logfile of HijackThis v1.99.1
Scan saved at 10:49:30 PM, on 8/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\system32\nlhrtmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\WINDOWS\system32\nbtsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\My Documents\hijack this\HijackThis.exe
C:\Documents and Settings\Owner\My Documents\hijack this\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optonline.net/home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {00000000-0000-4D8A-91F5-3DA5F324B3EA} - C:\Program Files\czle7993\czle7993.dll (file missing)
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [WinProfile] sndcfg16.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [363c17ob] C:\WINDOWS\system32\363c17ob.exe
O4 - HKLM\..\Run: [czle7993] C:\Program Files\czle7993\czle7993.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [oFrW3EW] nlhrtmgr.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [Zo06ROa7g] nbtsync.exe
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip....pGameLoader.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1121297632062
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.web...otoUploader.CAB
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Thanks

Go to Control Panel -> Add/Remove Programs and uninstall this program.

Media Gateway


Please download and install Cleanup 4.0, but don't run it yet.



Please make sure that you can VIEW ALL HIDDEN FILES.

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {00000000-0000-4D8A-91F5-3DA5F324B3EA} - C:\Program Files\czle7993\czle7993.dll (file missing)
O4 - HKLM\..\Run: [WinProfile] sndcfg16.exe
O4 - HKLM\..\Run: [363c17ob] C:\WINDOWS\system32\363c17ob.exe
O4 - HKLM\..\Run: [czle7993] C:\Program Files\czle7993\czle7993.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [oFrW3EW] nlhrtmgr.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [Zo06ROa7g] nbtsync.exe



Please reboot your computer in SafeMode by doing the following:

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
• Instead of Windows loading as normal, a menu should appear
• Select the first option, to run Windows in Safe Mode.

* if you have trouble getting into Safe mode go here for more info.

Once in Safe mode, delete these files or directories (Do not be concerned if they do not exist):

sndcfg16.exe
nlhrtmgr.exe
C:\WINDOWS\system32\nbtsync.exe
C:\WINDOWS\system32\363c17ob.exe
C:\WINDOWS\SYSTEM32\ide21201.vxd
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
C:\WINDOWS\INF\conscorr.inf
C:\WINDOWS\SYSTEM32\SahImages
C:\WINDOWS\iLookup
C:\Program Files\czle7993
C:\Program Files\Media Gateway
C:\Program Files\AutoUpdate
C:\Program Files\QuickSearch
C:\Program Files\SearchRelevant
C:\Program Files\Aprps



Run CleanUp. This will remove all of your temp files.


Reboot your computer to go back to normal mode and post a new log.

Logfile of HijackThis v1.99.1
Scan saved at 7:19:12 PM, on 8/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Documents and Settings\Owner\My Documents\hijack this\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optonline.net/home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\Aprps\cxtpls.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip....pGameLoader.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1121297632062
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.web...otoUploader.CAB
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Your log looks pretty good!

Fix this line with Hijackthis:

O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\Aprps\cxtpls.dll (file missing)


I recommend uninstalling SpyKiller. It is a rogue/suspect program and should not be used. More info can be found here.

http://www.spywarewa...nti-spyware.htm



Reboot and post a new hijackthis log.
Let me know how things are running on your end. Any problems?

Everything seems to be running smoothly, no more popups, Internet Explorer is working well!

Logfile of HijackThis v1.99.1
Scan saved at 11:14:52 PM, on 8/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Owner\My Documents\hijack this\HijackThis.exe
C:\Program Files\LimeWire\LimeWire.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optonline.net/home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip....pGameLoader.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1121297632062
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.web...otoUploader.CAB
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Thanks

Your log is clean!

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

• Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.
  
  You can find instructions on how to enable and reenable system restore here:
  
  Managing Windows Millenium System Restore
  
  or
  
  Windows XP System Restore Guide
  
  Renable system restore with instructions from tutorial above
  
  
• Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
    
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
• Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.
  
  See this link for a listing of some online & their stand-alone antivirus programs:
  
  Virus, Spyware, and Malware Protection and Removal Resources
  
  
• Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  
  
• Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.
  
  For a tutorial on Firewalls and a listing of some available ones see the link below:
  
  Understanding and Using Firewalls
  
  
• Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  
  
• Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.
  
  A tutorial on installing & using this product can be found here:
  
  Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers
  
  
• Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.
  
  A tutorial on installing & using this product can be found here:
  
  Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer
  
  
• Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
  
  A tutorial on installing & using this product can be found here:
  
  Using SpywareBlaster to protect your computer from Spyware and Malware
  
  
• Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Got it! Thank you so much!

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.