Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Worm.Win32.NetBooster Removal


  • Please log in to reply

#1
MotherHen

MotherHen

    New Member

  • Member
  • Pip
  • 1 posts
Hi I am a little frustrated have been doing this for more than 3 days.

First computer downloaded XPAntivirus so I downloaded smitRem and FixXPAV to get rid of it and then the popups said that I had Worm.Win32.NetBooster so I downloaded SmitfraudFix and did a Panda Active Scan then that did not help so I found you, thank god!!!!!!!!. I downloaded all the following like you suggested;

ATF - Cleaner, AGV ANti-Spyware (No Reports were Available), Super AntiSpyware, AVG Antivirus and I deleted my Norton Antivirus is was not updated!

I still have a notice on my wallpaper saying that I have Spyware Threat and it has been detected on my PC and my computer has several fatal errors due to spyware activity and click here to download.(I did not click there) So far I am not getting anymore automatic connections to internet sites or popups.

Here are the results from my scans and I hope I did everything correct. I took my time and could you please analyse and get back to me.

;*******************************************************************************
********************************************************************************
*
*******************
ANALYSIS: 2008-04-01 18:25:06
PROTECTIONS: 1
MALWARE: 35
SUSPECTS: 3
;*******************************************************************************
********************************************************************************
*
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
================================================================================
=
===================
Norton AntiVirus 2005 2005 Yes No
;===============================================================================
================================================================================
=
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
================================================================================
=
===================
00040467 adware/elitebar Adware No 1 Yes No hkey_classes_root\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
00040467 adware/elitebar Adware No 1 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{0B682CC1-FB40-4006-A5DD-99EDD3C9095D}
00046190 adware/slagent Adware No 0 Yes No c:\windows\mslagent
00101314 adware/intdel Adware No 0 Yes No c:\program files\inet delivery
00132710 dialer.xd Dialers No 0 Yes No hkey_classes_root\clsid\{54645654-2225-4455-44a1-9f4543d34545}
00132710 dialer.xd Dialers No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{54645654-2225-4455-44A1-9F4543D34545}
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.atdmt.com/]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP1\A0001031.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Owner\Desktop\smitRem\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Owner\Desktop\smitRem.exe[smitRem/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP1\A0007136.exe
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.mediaplex.com/]
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.findwhat.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ad.yieldmanager.com/]
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.server.iad.liveperson.net/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.advertising.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.statse.webtrendslive.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ads.pointroll.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.zedo.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.adrevolver.com/]
00375171 Application/SweetBar HackTools Yes 0 Yes No C:\PROGRAM FILES\MACROGAMING\SWEETIMBARFORIE\TOOLBAR.DLL
00517584 Application/SuperFast HackTools No 0 Yes No C:\Documents and Settings\Owner\Desktop\SmitfraudFix\restart.exe
00522961 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms03011.jar-fc9eb36-4d7e1bcd.zip[MagicApplet.class]
00522968 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms03011.jar-fc9eb36-4d7e1bcd.zip[OwnClassLoader.class]
00527204 Application/PRScheduler HackTools No 0 Yes No C:\DOCUMENTS AND SETTINGS\OWNER\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Reboot.exe
02649861 Application/007Spy HackTools No 0 Yes No C:\Documents and Settings\Owner\My Documents\My Received Files\JOHNY.zip[picture_003.jpeg-www.myspace.com]
02887531 Cookie/UltimateCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ucleaner.com/]
02887531 Cookie/UltimateCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.ucleaner.com/]
02887531 Cookie/UltimateCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
02907934 Trj/Downloader.TAV Virus/Trojan Yes 1 Yes No C:\WINDOWS\INSTALLER\{E69BCDD2-E744-4525-9F3A-77ECF3CE7EF9}\KERNELRAM.DLL
02908396 Trj/Downloader.TCA Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP1\A0007127.exe
02908461 Trj/Downloader.TCC Virus/Trojan Yes 1 Yes No C:\WINDOWS\INSTALLER\{7EF5960B-157F-4853-BDE7-2191D8D3C757}\ZIP.DLL
02909579 Adware/MalWarrior Adware No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\[email protected]\Sharing Folders\setup504.exe
02909975 Cookie/CookingLuck TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.cookingluck.com/]
02909975 Cookie/CookingLuck TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
02909975 Cookie/CookingLuck TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ccsi7ilj.default\cookies.txt[.cookingluck.com/]
02910394 Trj/Downloader.TEE Virus/Trojan No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\[email protected]\Sharing Folders\MediaTubeCodec.exe
;===============================================================================
================================================================================
=
===================
SUSPECTS
Sent Location 
;===============================================================================
================================================================================
=
===================
No C:\WINDOWS\DWNRPOFK.DLL 
No C:\WINDOWS\QVDNTLMW.DLL 
No C:\WINDOWS\VBGTORFD.DLL 
;===============================================================================
================================================================================
=
===================
VULNERABILITIES
Id Severity Description 
;===============================================================================
================================================================================
=
===================
;===============================================================================
================================================================================
=
===================

SUPERAntiSpyware Scan Log
Generated 04/02/2008 at 02:05 PM

Application Version : 3.6.1000

Core Rules Database Version : 3429
Trace Rules Database Version: 1421

Scan type : Complete Scan
Total Scan Time : 01:50:31

Memory items scanned : 453
Memory threats detected : 3
Registry items scanned : 7130
Registry threats detected : 43
File items scanned : 70433
File threats detected : 38

Trojan.Net-VBG/NMC
C:\WINDOWS\VBGTORFD.DLL
C:\WINDOWS\VBGTORFD.DLL
C:\WINDOWS\DWNRPOFK.DLL
C:\WINDOWS\DWNRPOFK.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#vbgtorfd [ {9976CBAE-2CFE-4B1C-B166-96BB6C96E555} ]
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#dwnrpofk [ {E82DC4C1-9610-4E5D-933D-E4597362E873} ]

Adware.MyWebSearch
C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
[MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
[MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE
C:\WINDOWS\Prefetch\MWSOEMON.EXE-22AAA5A1.pf

Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
HKCR\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#zip [ {7ef5960b-157f-4853-bde7-2191d8d3c757} ]

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][4].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][5].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Adware.Casino Games (Golden Palace Casino)
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\Golden Palace Casino PT

Browser Hijacker.Internet Explorer Settings Hijack
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\Microsoft\Internet Explorer\Main#Start Page [ http://softwarerefer...=...6Ojg5&lid=2 ]

Desktop Hijacker.AboutYourPrivacy
C:\Documents and Settings\Owner\Desktop\Error Cleaner.url
C:\Documents and Settings\Owner\Desktop\Privacy Protector.url
C:\Documents and Settings\Owner\Desktop\Spyware&Malware Protection.url
C:\Documents and Settings\Owner\Favorites\Error Cleaner.url
C:\Documents and Settings\Owner\Favorites\Privacy Protector.url
C:\Documents and Settings\Owner\Favorites\Spyware&Malware Protection.url

Rogue.XP AntiVirus
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\XP Antivirus 2008.lnk

Rogue.SpywareIsolator
HKU\S-1-5-21-2718465504-1255917797-3323029599-1003\Software\spinstall

Rogue.MalWarrior
HKLM\Software\Adsl Software Limited
HKLM\Software\Adsl Software Limited\Installer
HKLM\Software\Adsl Software Limited\Installer#InstallDate
HKLM\Software\Adsl Software Limited\Installer#RegDate
HKLM\Software\Adsl Software Limited\Installer#Flag
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#InstallMalwarrior [ C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\HO7H5GVM\setup504[1].exe ]

Rogue.MalWarrior-Installer
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\MESSENGER\[email protected]\SHARING FOLDERS\SETUP504.EXE

InternetDelivery
C:\PROGRAM FILES\INET DELIVERY\INTDEL.EXE

Trojan.Unclassified/GTS
C:\WINDOWS\QVDNTLMW.DLL

Sorry I had to add this;



Please can you advise me what to do, greatly appreciated!!!!!!!!!

Thank you and I like your site.

Edited by MotherHen, 03 April 2008 - 03:43 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP