Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problem with win32.p2p [RESOLVED]

Started by hamik , Oct 08 2005 07:59 PM

  • This topic is locked This topic is locked

#1
hamik
Posted 08 October 2005 - 07:59 PM

hamik

    Member

  • Member
  • PipPip
  • 61 posts
Hi guys I know you guys have helping me in the past and I'am thankful.I have an essay dude on tuesday and i need to fix this problem as soon as possible so any help will be appreicatied.Well here is the problem I feel like my computer is using too much cpu and I cant open windows manager.Here is my log


Logfile of HijackThis v1.99.1
Scan saved at 1:40:34 PM, on 10/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\hamik\Desktop\New Folder (4)\HijackThis1991.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://copart.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [Registry Value Name] service.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akam...loadManager.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Lol I only posted one of these....

Edited by hamik, 09 October 2005 - 02:41 PM.

  • 0

Advertisements

#2
greyknight17
Posted 09 October 2005 - 11:21 AM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Please don't post duplicate topics. I closed them.

Where is the header information for the HijackThis log? Please post that information too.
  • 0

#3
greyknight17
Posted 10 October 2005 - 12:03 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Please download Ewido Security Suite at http://www.ewido.net/en/download/.

1. Install Ewido Security Suite.
2. When installing, under 'Additional Options' uncheck:
* Install background guard
* Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double click it.
4. The program will now open to the main screen.
5. When you run Ewido for the first time, you will get a warning 'Database could not be found!'. Click OK. We will fix this in a moment.
6. You will need to update Ewido to the latest definition files.
* On the left hand side of the main screen click update.
* Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed. The status bar at the bottom will display 'Update successful'.
8. Exit Ewido. DO NOT scan yet.

If you are having problems with the updater, you can go to http://www.ewido.net...wnload/updates/ to update manually.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknigh...spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!. Run CleanUp! and click on the Options button. Uncheck 'Scan local drives for temporary files'. Also uncheck those two Newsgroup entries if you don't want to delete them. Click OK and then click on the CleanUp! button. Let it run. After it's done, choose Yes to logoff.

Now open Ewido and do a scan on your system.

* Click on scanner
* Click on Complete System Scan and the scan will begin.
* NOTE: During some scans with Ewido it is finding cases of false positives.
o You will need to step through the process of cleaning files one-by-one.
o If Ewido detects a file you KNOW to be legitimate, select none as the action.
o Do NOT select 'Perform action on all infections'
o If you are unsure of any entry found, select none for now as the action.
* Once the scan has completed, there will be a button located on the bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop or a location where you can find it easily.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [Registry Value Name] service.exe
O4 - Startup: PowerReg Scheduler V3.exe

Locate and delete the following:

C:\Win32\dll\Win32k.exe
C:\Win32\dll\Win32.exe
C:\Program Files\winupdates\
service.exe - this should be in the c:\windows\ or c:\windows\system32\ folder (make sure it's service.exe without the s that you are deleting)

Restart your computer. Post the logs for HijackThis and Ewido. Can you tell me what else is in the C:\Win32\ folder? It looks very suspicious.
  • 0

#4
hamik
Posted 10 October 2005 - 04:47 PM

hamik

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
Here is my Hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 3:34:19 PM, on 10/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\hamik\Desktop\New Folder (4)\HijackThis1991.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\qgcq0v.dll (file missing)
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [pz53axe.exe] C:\WINDOWS\System32\pz53axe.exe /k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [pz53axe.exe] C:\WINDOWS\System32\pz53axe.exe /k
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
This is my eidos log
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 3:29:38 PM, 10/10/2005
+ Report-Checksum: 75A07804

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C285D18D-43A2-4AEF-83FB-BF280E660A97} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\RunMSC.Loader\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\RunMSC.Loader.1\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
C:\Documents and Settings\hamik\Complete\2 Flash Games.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\2Pac - Loyal to the.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\3D MP3 Sound Recorder 3.8.12.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\3D SexVilla 11.00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\500 Albums In MP3 Format.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\65 Games.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\A History of Violence.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\A Static Lullaby - Faso Latido.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Absolute Video Converter 2.5.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ACDSee 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ACDSee PowerPack 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Acronis Privacy Expert Suite 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Acronis True Image 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ad Killer 5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Adobe Acrobat Reader 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Adobe Audition 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Adobe Encore DVD 1.5 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Adobe Photoshop CS Classroom In A Book.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Adobe Photoshop CS2 9.0.zip/Setup.exe -> Worm.VB.an : Error during cleaning
C:\Documents and Settings\hamik\Complete\Advanced Uninstaller Pro 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ahead DVD Ripper 1.3.5 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ahead Nero 7.0 Premium.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Alawar Foxy Jumper.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Album Rammstein - Mein Teil.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Almeza MultiSet 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Alternative to Real Player.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Amadis DVD Ripper Pro 1.0.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Amazon DVD Shrinker 2.4.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\American History X.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Amy Grant - Hearts in Motion.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Animals 1600 High Resolution Photogra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Anime-exclusive.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\AnyDVD 4.1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Apollo Audio DVD Creator 1.1.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Armin van Buuren - A State of Trance 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ashampoo PowerUp XP Platinum 2 2.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ashampoo UnInstaller Suite Plus 1.32.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Atrise Everyfind 6.0.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\AutoPatcher XP September 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\avast! Professional Edition 4.6.691.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Axialis IconWorkshop 5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Azureus 2.3.0.5 Beta 36.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Bandwith Monitor 2.8b605.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Benassi Bros - Phobia (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Best MIDI to MP3 1.3.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\BitTornado 0.3.9a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Black & White 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Black and Gray Icons.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Black And White 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Blank and Jones with Steve Kilbey - Re.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\BlazeDVD 3.5 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\BMP ICO Converter 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Bob Marley and the Wailers - Legend.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Boilsoft RM converter 3.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\BPS Spyware & Adware Remover 9.2.0.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\BubbleDiff 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Burn and Go X.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\CAD2Shape 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Caligula.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\CDMenuPro 4.00.09.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Cerberus FTP Server 2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Chameleon Clock 3.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Cheetah CD Burner 3.29.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\CherryOS 1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Christina Aguilera- Christina Aguilera.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Cindy Lauper - A Night To Remember.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Classyvelvet (18).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Clock Tray Skins.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\CloneDVD 2.4.5.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Clothesfree - round the world.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Cool MP3 Converter 1.86.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Corel Designer 10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Cyber Trance pres. AYU Trance 2 (2002).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\CyberLink PowerDVD 6.0.0.2022.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Daft Punk - Technologic.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Dark Blue World.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\De-Phazz - Death By Chocolate.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DivX Pro 6.09 Bundle.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DJ HipHop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DJ Ti¸sto - PartyNight (538) Cable.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Dream Match Tennis 1.02.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DVD X Studios CloneDVD 3.6.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DVDIdle Pro 5.81.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\DVDInfoPro 4.32.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Dynamic Submission Enterprise 7.2.23.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\E-books 50 Fast Digital Camera Techn.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy Autorun Creator 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy DVD Clone 3.0.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy FlashMaker 1.2.384.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy Resume Creator Pro 4.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy Video Capture 1.30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Easy WaterMark 3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\EasyFile Sharing Web Server 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Elecard MPEG Player 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ELECTRONIC YOUTH 5 (BietaMegom.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Eminem 14 Videoclips.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Equilibrium.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Eric Prydz Live on Kiss100 FM - 04 Sep.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Error Doctor 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Essential Fonts for Designers.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\EssentialPIM pro 1.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Fahrenheit - Indigo Prophecy (Game).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FairStars Audio Converter 1.52.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FantasyDVD Player Professional 8.30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Fate 1.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FIFA 2005 DC-Patch 1.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FIFA 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FileMerlin 5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Flanks 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Flash Decompiler 2.0.0.231.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Flash Web Design The Art Of Motion Gr.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FlashFXP 3.4 Beta 3 (3.3.3 build 1100).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FlashFXP 3.4 Beta 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FolderSizes 3.2.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FTPRush 1.0.571.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\FXPansion Guru VSTi DXi RTAS 1.025.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Game Development with ActionScript.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\GetRight 5.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\GMail2 2.32.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Green Day - International Superhits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\HDDLife Pro 2.5.74.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Hello Engines Pro 5.1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Hide IP Platinum 1.73.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\High Impact Email Pro 3.2.212.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\HippiePro 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Hot n Fresh.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Hot reality girl (18).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Internet ScreenSaver Builder 5.10.040901.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\InterVideo DVDCopy Platinum 3.0 B016.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Into the Blue.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\IpInterceptor 2.1.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ipod agent 1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ipodsoft podplus 1.0.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ISO Commander 1.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Jaes pantyhose (18).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\K-Lite Mega Codec Pack 1.38.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kanye West - The College Dropout.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kaspersky Anti-Virus Personal 2006 6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kaspersky Anti-Virus Personal 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kaspersky AntiVirus Personal 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kenny G - Greatest Hits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Kingdia DVD Ripper Professional 2.4.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\KL Codec Pack 2.47.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Lavasoft Ad-Aware Pro 1.06.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Learn Microsoft Visual C++ 6.0 Now.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ligno3D Designer 3.40.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Linkin Park Reanimation.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\LinkLines 1.18.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\LinkLines 1.19.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\LiteMail 2.41.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Lord of War.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\M.I.K.E - LIVE @ Rotationz (TopRadio).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Macromedia Dreamweaver 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Macromedia Fireworks 8.0.0.777.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Maillist Duplicates Remover 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Make Easy Money with Google Using the.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Markus Schulz - LIVE @ Zerodb (m2o).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\McAfee Anti-Spyware Enterprise 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MedianSoft Joiner-Converter 2.7.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MegaLeecher 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Messenger Detect 1.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Mht Quick Saver 3.23.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Microsoft Office 2003 SP 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Microsoft Office Pro 2003 (5in1).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Microsoft Virtual Server 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Microsoft Windows Vista Beta 1 - 22082.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Microsoft Windows XP Tools 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Midi for Mobiles.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MindSoft Utilities XP 9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MOBILedit! 1.98.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Modest Mouse - Live, 2000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MonitorIT 7.0.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Moscow Speed Project - Home party edit.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Motorhead - Hammered.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Movie DVD Maker 1.3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MrBills 2.1.02.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MT Gamez.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\MT Programms.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\NBA Live 06.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\NBA LIVE 2006 ONLY 4 PARTS TO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Nero 7 Premium.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Nero 7 Ultra Edition (Origional one).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Nero 7 Ultra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Nero 7.0 Ultra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Net Monitor for Employees Pro 2.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Netobjects Fusion 8.00.5030.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Network LookOut Administrator 1.6.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\News Rover 11.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Newsbin 5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Newsleecher 2.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\No1 DVD Audio Ripper 1.0.47.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Nokia 6230 - 72 Games.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Norton AntiVirus 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Norton Ghost 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Norton internet security 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Norton PartitionMagic 8.05.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\nVidia ForceWare 81.84 Graphics Driver.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\One Cat File Manager 2.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\One Click CD DVD Writer 1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Online TV Player 2.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Open Dir - 9 Albums.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Outlook Express Attachment Ex.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Panda Platinum Internet Security 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\PC Repair v 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Perfect Ace 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Perfect Keylogger 1.6.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Photodex ProShow Producer Version 2.51.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\PhotoDVD 2.013.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Photoshop Restoration & Retouching.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Pinnacle Studio Plus 9.4.3.56.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Planet Funk - Non Zero Sumness.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\PlotVision 6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Pocket Controller Professiona.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Popup Ad Stopper 9.80.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Powerful Audio Tool 1.03.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Premium Clock 2.30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Privacy Eraser Pro 4.02.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\R-Wipe and Clean 5.5.1181.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\RAM Saver Pro 4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Real Spy Monitor 2.39.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\RealPlayer 10.5 Gold.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Reasonable Software House NoC.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Recover My Files 3.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\RegDoctor 1.41.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ReGet Junior 2.2.190.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Reggae - Alpha Blondy 17 Songs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Registry Mechanic 5.0.0.136.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Registry Rescue 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Reohix Customer Backup 1.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\River Past Cam Do Webmaster Edition 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Roger Waters - Flickering Flame.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Rome Total War - Barbarian Invasion.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Saeta Del Ruiseñor (Joselito).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ScreenSwift 3.00 for Flash.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Sean Paul - Dutty Rock.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SearchMaestro 1.1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Selteco Flash Designer 5.0.21.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Serenity.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Serious Sam II Demo.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Serv-U 5.2.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ShadowUser Professional 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Shall We Dance.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Shiloh & Chable - October 2005 Mix (20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ShopFactory Devloper 5.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Shrek 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Sigur Ros - Von.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Simple Red - Greatest Hits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Smart HTTP Debugger 1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SmartFTP 1.5.990.13.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Snappy Invoice System 4.12.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SolSuite 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Sorenson Squeeze Compression Suite 4.2.301.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SpeedUpMyPC 2.04.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Spinto Band - Nice and Nicely Done.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SpyRemover 2.43.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Spyware Doctor 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Spyware Doctor 3.2.1.359.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Steganos Internet Anonym Pro 7.1.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Stephen King - It.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Steve Vai - Fire Garden.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Style XP 2.16.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Super DVD Creator 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Surprise Maker 3.3.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Symantec Norton AntiVirus 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Symantec Norton Ghost 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Symantec Norton GoBack 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\SysImage HTML2Image 1.5.1.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\system of a dawn- system of a down.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\System of a Down - Mesmerize.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The 40 Year Old Virgin (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Blade Runner.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The DarknesS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Exorcism of Emily Rose.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Offspring - Greatest Hits (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Sims 2 Nightlife.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Sims 8-In-1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The Used - In Love and Death.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\The White Stripes - Get Behind Me Sata.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\TMPGEnc 2.512.52.161 Plus.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Today You Die.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\TRACE POINT 2005 Vol. 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Trial-Reset 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Trillian Pro 3.1.0.121.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Trillian Pro 3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\TurboCAD Pro 11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\TweakNow PowerPack 2005 Pro 1.6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\UHARCGUI 3.06 Beta-3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ulead MediaStudio Pro 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ulead Video Studio 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Ultra MPEG To DVD Burner 1.3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Unlocker 1.7.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VA - Anjunabeats Vol. 2 (Mixed by Abov.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VA - Ibiza Closing Party (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VA - Madhouse 12 (2CD - 2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VA - Sonic Vol. 6 (Mixed by DJ Koris).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Visual Zip Password Recovery 6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VMware Workstation 4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\VueScan Professional Edition 8.3.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Wake of Death.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Way Out West - Intensify.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Web Builder Deluxe 2.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Web Cache Illuminator 4.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WebSeeker 5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WhosOn Pro 3.4.142.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinAmp 5.094 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Winamp 5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Winamp Pro 5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinCHM 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Windows Update Fix.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Windows XP 64-bit pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinDVD Platinum 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinHex 12.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinShadow 2.0.2.202.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinTools.net Pro 6.3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinZip 10.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WinZip Pro 10.0 Beta 6604.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WordOMatic 1.1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\WWW2Image 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\XAMPP 1.4.16.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Xerox & Illumination - XI.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\XoftSpy 3.44.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\XPCSpy Pro 2.54.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot All Video to VCD DVD Creator and Burner 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot AVI to VCD DVD Converter 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot AVI to VCD DVD Converter.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot Photo to VCD DVD Converter.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot RM to VCD DVD Converter2.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Zealot WMV to VCD DVD Converter17.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\ZoneAlarm Wireless Security 5.5.080.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Complete\Äåíü ́åđ̣âåöîâ 2 Day of the Dead 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\hamik\Desktop\New Folder (4)\backups\backup-20051009-204626-290.dll -> Trojan.Kolweb.d : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temp\atiupdate.exe -> TrojanDownloader.Delf.go : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temp\ptf_0006.exe -> Spyware.Pacer : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temp\ptf_0016.exe -> Spyware.Pacer : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\06Q2K5FP\joysaver[1].cab/mm81.ocx -> TrojanDownloader.VB.ov : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[10].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[11].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[12].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[13].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[14].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[15].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[16].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[17].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[18].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[19].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[1].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[20].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[21].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[22].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[23].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[24].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[25].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[26].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[27].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[28].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[29].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[2].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[30].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[31].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[32].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[33].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[34].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[35].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[36].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[37].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[38].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[39].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[3].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[40].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[41].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\hamik\Local Settings\Temporary Internet Files\Content.IE5\4TI123ML\mm[42].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings&
  • 0

#5
greyknight17
Posted 10 October 2005 - 06:08 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools (or View)->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders (it's Show all files for Windows 98).
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Make sure you downloaded, installed, updated and ran these programs (run in Safe Mode) already - Ad-aware, Spybot and Ewido (only if you have Windows 2000 or XP). If you didn't, do them now. For more information, go to http://www.greyknigh...com/spyware.htm

Unless you have important files in this folder, get rid of it NOW:

C:\Documents and Settings\hamik\Complete\

It's fully infected with files and I see some that are still there.

Make sure to close any open browsers. Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\qgcq0v.dll (file missing)
O4 - HKLM\..\RunOnce: [pz53axe.exe] C:\WINDOWS\System32\pz53axe.exe /k
O4 - HKCU\..\RunOnce: [pz53axe.exe] C:\WINDOWS\System32\pz53axe.exe /k

Run a new Ewido scan and save the report.

Download KillBox http://www.greyknigh...spy/KillBox.exe. Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. Copy the below files and go back to KillBox. Go to File->Paste from Clipboard and then hit the button with a red circle and white X. Confirm to delete and when asked if you want to reboot, say Yes:

C:\WINDOWS\system32\qgcq0v.dll
C:\WINDOWS\System32\pz53axe.exe

If you get a PendingOperations message, just close it and restart your computer manually.

Restart and run a new HijackThis scan. Save the log file and post it here along with the Ewido report.
  • 0

#6
hamik
Posted 11 October 2005 - 05:06 PM

hamik

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
Logfile of HijackThis v1.99.1
Scan saved at 4:05:11 PM, on 10/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\hamik\Desktop\New Folder (4)\HijackThis1991.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:15:58 PM, 10/10/2005
+ Report-Checksum: 3BA5ECA0

+ Scan result:

C:\Documents and Settings\hamik\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\hamik\Cookies\hamik@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\hamik\Desktop\New Folder (4)\backups\backup-20051010-180322-222.dll -> Trojan.Kolweb.d : Cleaned with backup
C:\WINDOWS\system32\qgcq0v.dll -> Trojan.Kolweb.d : Cleaned with backup


::Report End
  • 0

#7
greyknight17
Posted 12 October 2005 - 08:44 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Good job :tazz:

Your log is clean.

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools provided.

Are there any problems now? If not, you should be set to go.
  • 0

#8
greyknight17
Posted 26 October 2005 - 04:13 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP