Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot open regedit

Started by silky71 , Jan 08 2007 10:27 PM

  • This topic is locked This topic is locked

#1
silky71
Posted 08 January 2007 - 10:27 PM

silky71

    New Member

  • Member
  • Pip
  • 5 posts
Attached File  hijackthis_log.txt   9.69KB   185 downloadsHi, I have just registered and need help badly.
I cannot open regedit or regedit.exe or cmd or taskmanager.

My Bearshare keeps opening every minute when i have closed it.

At the computer startup i have a b.exe error.

And a upate.exe error

Sorry i cannot remember what all the messages say exactly.

I have xp pro and norton 2006 internet security.

I have done the Hijack this log but am not sure how to post it.I will use as an attachment)

Thankyou in advance
  • 0

Advertisements

#2
miekiemoes
Posted 09 January 2007 - 10:07 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Hi,

Please don't attach the Hijackthislog, but copy and paste it in the thread instead.

Perform next steps in the right order..

* Download Brute Force Uninstaller.
Unzip it to a folder of it’s own (c:\BFU).
Read here how to unzip/extract properly:
http://metallica.gee...xplanation.html
Start the Brute Force Uninstaller by doubleclicking BFU.exe

Next to the 'scriptfile to execute'-window you'll see a little icon as shown in next picture: Posted Image
When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'
In the field, copy and paste next URL:

http://metallica.geekstogo.com/alcanshorty.bfu

Click Ok.
Then click execute in Brute Force Uninstaller.

Extra note:
If nothing happens after pressing the Execute button, this means that the script didn't download. In that case, download the script
( alcanshorty.bfu ) manually from above url ( rightclick on it and choose 'save as' and save it in your BFU-folder). Then start BFU.exe again and click the browse button next to the 'scriptfile to execute'-window
Browse to the script you downloaded and Click Ok and Execute in Brute Force Uninstaller.

Wait for the complete script execution box to popup and press OK.
Press exit to terminate the BFU program.

----------------------------

Please download, install, and update AVG Anti-Spyware
  • Load AVG Anti-Spyware and then click the Update tab at the top. Under Manual Update click Start update.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Then click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
  • AVG Anti-Spyware will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.
  • Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
  • Close AVG Anti-Spyware and reboot!!
    I need the log later.
-------------------------

Post next logs in your following reply:
  • Log from AVG Antispyware (in case when it's too long, attach it)
  • New HijackThislog
You may need several replies to post the logs in case they won't fit in one reply.
  • 0

#3
silky71
Posted 10 January 2007 - 05:45 AM

silky71

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Thankyou so much. All my programs are working fine at the moment i shall scan and then reboot and send a Log file.
  • 0

#4
miekiemoes
Posted 10 January 2007 - 05:56 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Ok, I'll read your reply later.
  • 0

#5
silky71
Posted 10 January 2007 - 06:46 AM

silky71

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Logfile of HijackThis v1.99.1
Scan saved at 11:32:29 PM, on 10/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 7300 Series\lxcimon.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\lxcicoms.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\Jr and Lr\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yoby.net/sb/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.news.com.au/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo R310 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE /P30 "EPSON Stylus Photo R310 Series" /O6 "USB002" /M "Stylus Photo R310"
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [LXCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo R310 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE /P30 "EPSON Stylus Photo R310 Series" /M "Stylus Photo R310" /EF "HKCU"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Movies Extractor Scout - {C036A1A2-41F7-41ED-BA76-CD354F160592} - C:\Program Files\Movies Extractor Scout\flashextract.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall....ivex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1165218766421
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxci_device - - C:\WINDOWS\system32\lxcicoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:28:33 PM 10/01/2007

+ Scan result:



C:\Program Files\Video ActiveX Object -> Adware.Generic : Cleaned with backup (quarantined).
C:\Program Files\Common Files\{0893905D-0BB8-1033-0502-06043002003d}\Update.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Jessica Shared\pony luv\install.exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\0day mp3s, full quality albums.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\0day mp3s, quality albums.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\18 Wheels Of Steel Pedal To The Metal Download.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\18 Wheels of Steel Convoy Unlocker.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\ACDSee v8.0.39.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\AV Voice Changer Software Diamond v4.0.50.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\AVG v7.0.280.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Active UNDELETE v5.1.010.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Adobe Acrobat v8.0 Professional.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Adobe Photoshop CS2 Tryout to Full Activation.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Adobe Photoshop CS2 v9.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Advanced Office Password Recovery v3.03 PRO.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Ahead Nero v7.5.9.0A.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Aone AVI DivX to DVD SVCD VCD Converter v2.1.6-PirateK.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Apex Movie Converter v3.23.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Araxis Merge v6.5.2318 Professional.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\ArtCursors v5.10-BRD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Battlefield 2 Mini Image.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Battlefield 2 NOCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Battlefield Vietnam NOCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Bookworm Adventures Deluxe v1.0-DELiGHT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Brothers In Arms Earned In Blood UNLOCKER-UNBAiSEDGOATS.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Brothers in Arms Road to Hill 30 FiXED CHEATS.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Call of Duty 2.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Call of Duty United Offensive Minimizer.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Call of Juarez NODVD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Chili FTP v1.1.0.18.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Colin McRae Rally 2005 Crash Fix-IND.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Colin McRae Rally 2005 Crash Fix.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Commandos 3 Destination Berlin ALL ACCESS CHEATDOX.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Digital Media Converter 2.72 CRKEXE-FFF.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Diner Dash Flo On The Go v1.0.0.119 GAME.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Doom 3 and Doom 3 Resurrection of Evil v1.3 KeyCheck.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Dungeons And Dragons Dragonshard.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\ESET NOD32 v2.70.232K3XP-FYN.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Easy File Sharing Web Server v3.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\ElcomSoft Advanced Archive Password Recovery ARCHPR v3.01.7-POPUP.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\ErrorSafe v1.1.44.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\F E A R NODVD CRACK.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\FIFA 07 UNLOCKER-Unleashed.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Fifa 2005 Unlocker.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Frankie Dettori Racing Melbourne Cup Challenge Unlocker-TNT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Futuremark 3DMark06 Professional v1.1.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\GData AntiVirusKit 2006-YYePG.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\GetRight Professional 6.1-FYN.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Gold Miner Vegas v1.12 Unlocker-TNT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Google Earth Pro 3.0beta-VOORHEES.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Grand Theft Auto San Andreas NOCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\HDDlife Pro v2.9.109.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\HP Infotech CodeVisionAVR v1.24.6 Pro.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Half Life 2 OFFLINE ACTIVATION PATCH-oWNAGE.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Half Life 2 OFFLINE ACTIVATION PATCH.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Hard Truck 18 Wheels of Steel Cheats-ECU.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Harry Potter And The Goblet Of Fire v1.0 [MULTI] No-DVD Fixed EXE.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Ilium Software eWallet v5.0.0.20558UCT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Anti Virus Personal 5.0.388-TWK.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Anti Virus Personal 5.0.388.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Anti-Virus 6.0.1.411 not blacklisted key.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Anti-Virus v6.0.0.303.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Anti-Virus v6.0.1.411.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Internet Security v6.0.0.300 WIN German-RHI.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Kaspersky Internet Security v6.0.0.300.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Luxor 2 v2.0.6.15 PLUS 10 TRAINER-Unleashed.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\MOTO GP Ultimate Racing Technology Unlocker.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\MOVAVI ConvertMovie v4.4 Bilingual.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Microsoft Office 2007 Enterprise-MiCROSOFT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Microsoft Windows Vista Activation Timer Stop-offlinevista.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Microsoft Windows Vista FINAL.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Mobile Ringtone Converter v2.3.11-TE.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Mst defrag home edition 1.8.30.58.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\NEED FOR SPEED MOST WANTED CDKEY-2RENTZWH0REZ.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\NEED FOR SPEED MOST WANTED.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\NEED FOR SPEED Most Wanted [MULTI] No-DVD Fixed Image.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Need For Speed Carbon ALL ACCESS CHEAT-ReVOLVeR.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Need For Speed Carbon ALL ACCESS CHEAT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Need for Speed Carbon Collectors Edition PLUS 16 TRAINERDOX.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Need for Speed Underground 2 NOCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\NewsLeecher v3.0 Final..Incl CRACK-RESURRECTiON.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\NewsLeecher v3.7 FINAL.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Nikon Capture v4.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Norton Ghost v10.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\PPT2DVD v2.5.2.128.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\PaperCut Quota v5.2.570.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Passware Access Password Recovery Key v6.5.918.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\PolderbitS Sound Recorder And Editor v4.0.90.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Prince Of Persia 2 Warrior Within NoDISC-MiNT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Prince Of Persia 2 Warrior Within NoDISC.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Pro Evolution Soccer 5.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\QUAKE 4 DVD CRACK.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\QUAKE 4 NOCDKEY.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Quake 4 KEYCHECK FiXED-SKULL.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\RA Tiks Texas Hold Em v1.0.0.1.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Rarlab WinRAR v3.62 DOSRAR.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\RegCure v1.0.0.43.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Registry Mechanic 6.0.0.750 CRKEXE-FFF.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Ricochet Lost Worlds Recharged v1.1.29 ALL ACCESS CHEAT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Sd4hide SafeDisc 4 Hider 1.0-SKULL.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Second Sight Unlocker Complete.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Security Task Manager 1.6c.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Security Task Manager v1.6f.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Sid Meiers Pirates.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Skyshape MP3 Resizer v1.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\SlySoft AnyDVD v6.0.9.5-FYN.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\SlySoft CloneDVD v2.7.5.1.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\SlySoft CloneDVD v2.9.0.3 KeyMaker.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\SolSuite 2007 v7.0-BRD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Splinter Cell Pandora Tomorrow NOCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Spyware Doctor v3.1.0.312.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Star Wars Battlefront 2.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Star Wars Empire at War Launcher NoCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Super Video Cap v4.0.300.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\System Mechanic Professional v7.0.3-FYN.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\TOCA RACE DRIVER 3 NODVD CRACK-MORESMELLYTNTANUSFARTS.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\TROPICO 2 V1.2 PLUS 6 TRAINER.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\The Lord of the Rings The Battle for Middle-Earth Plus 8 Trainer-HOODLUM.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\The Lord of the Rings The Battle for Middle-earth-VENGEANCE.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\The Sims 2.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Trackmania Sunrise Extreme.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Tricked n Tuned West Coast Streets Unlocker RIP-TNT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\TrojanHunter v4.1 Build 903.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Ulead VideoStudio v9.0.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\VMware Workstation v5.0.0.13124-ZWT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Vampire The Masquerade Bloodlines v1.2 NoCD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\WinRAR v3.51.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\WinRAR v3.62.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\XP Repair Pro v2.4.1.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Xilisoft 3GP Video Converter v2.1.55.1025b.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\XoftSpy v4.21.134-CRD.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\Zuma Deluxe ALL ACCESS CHEAT.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Desktop\Bearshare Downloads\_\n999tn999tn999tn999t.rar/Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\RECYCLER\NPROTECT\00001238.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\RECYCLER\S-1-5-21-2052111302-152049171-682003330-500\Dc8.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{42C8FC2A-E241-4398-8CCE-368D4D6696FC}\RP1\A0000007.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{42C8FC2A-E241-4398-8CCE-368D4D6696FC}\RP1\A0002973.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{42C8FC2A-E241-4398-8CCE-368D4D6696FC}\RP2\A0003078.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{42C8FC2A-E241-4398-8CCE-368D4D6696FC}\RP2\A0003583.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{42C8FC2A-E241-4398-8CCE-368D4D6696FC}\RP2\A0003815.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\WINDOWS\Setup.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\WINDOWS\pss\msconfig.exeCommon Startup -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\b.exe -> Backdoor.IRCBot.qc : Cleaned with backup (quarantined).
C:\Documents and Settings\Jr and Lr\Cookies\jr and [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and [email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Jr and Lr\Cookies\jr and lr@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.


::Report end
  • 0

#6
miekiemoes
Posted 10 January 2007 - 07:15 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Clean logs again. How are things running now?
  • 0

#7
silky71
Posted 10 January 2007 - 10:17 PM

silky71

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I am soooooo grateful.

My computer is just fine and fast.

One more slight problem though.

I updated from IE6 to IE7 from Microsoft.
I had some problems later (cannot remember what they were)

I uninstalled IE7 from Add remove programs.

I also did a repair on Windows using CD

Now when I click the desktop icon from IE6 it creates a shortcut instead.

I can only get to the web page by using the quicklaunch or startmenu icon.

Scare to put IE7 back in. Incase it causes more problems ( I do prefer the IE7 )

Sorry if too long.
  • 0

#8
miekiemoes
Posted 11 January 2007 - 12:10 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Hi,

Drag the icon from the start menu to your desktop and see if that solved it.

As a sidenote, when you install IE7 and you are having problems with it.. NEVER use the Windows cd to repair it. You have to uninstall IE7 and then use the Windows cd.
Because that will make your IE corrupt. Also read here:
http://support.microsoft.com/kb/917964 (it is talking about a Windows repair install there, but it's the same for the repair of IE using the cd)

Another note... when installing IE7, it's a good idea to turn off your Norton and other realtime scanners, because some realtime may block some changes during install.
Read here how to properly install IE7:
http://www.ie-vista....tml#pre-install

Or it may be a good idea to use the Firefox browser instead.

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.

Happy Surfing again!
  • 0

#9
silky71
Posted 11 January 2007 - 12:54 AM

silky71

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Thankyou
  • 0

#10
miekiemoes
Posted 11 January 2007 - 06:31 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
You're welcome :whistling:
  • 0

#11
miekiemoes
Posted 19 January 2007 - 08:00 AM

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :whistling:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP