Please help...browser is corrupted, etc.



#16
nicollej30

Hi there -

Here are the reports you requested that I do and then send to you... (again, thanks for all of your help on this... you are really great!). Nicolle

Ewido:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:51:26 PM, 7/6/2005
+ Report-Checksum: 6074F97B

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.NetNucleus : Cleaned with backup
HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Cleaned with backup
C:\!Submit\MediaTicketsInstaller.ocx -> Spyware.MediaTickets : Cleaned with backup
C:\!Submit\optimize7.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\!Submit\site.ocx -> TrojanDownloader.Agent.ex : Cleaned with backup
C:\!Submit\SSK3_B5.exe -> TrojanDropper.Small.qn : Cleaned with backup
C:\!Submit\ven_d1.exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Program Files\Common Files\AOL\ACS\acsd.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Program Files\Common Files\aolback\Comps\coach\aolcinst.exe/.\Data\player\aolnysev.exe -> Heuristic.Win32.Hijacker1 : Error during cleaning
C:\Program Files\Radmin\raddrv.dll -> Not-A-Virus.RiskWare.RemoteAdmin.RAdmin.20 : Cleaned with backup
C:\Program Files\Radmin\radmin.exe -> Not-A-Virus.RiskWare.RemoteAdmin.RAdmin.21 : Cleaned with backup
C:\Program Files\Radmin\r_server.exe -> Not-A-Virus.RiskWare.RemoteAdmin.RAdmin.21 : Cleaned with backup
C:\WINDOWS\mefgenyag.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\SYSTEM32\960ea.sys -> Trojan.Kolweb.b : Cleaned with backup
C:\WINDOWS\SYSTEM32\appsv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\Cache\dist006.exe -> TrojanDownloader.VB.eu : Cleaned with backup
C:\WINDOWS\SYSTEM32\q37.exe -> Trojan.Delf.cf : Cleaned with backup
C:\WINDOWS\SYSTEM32\raddrv.dll -> Not-A-Virus.RiskWare.RemoteAdmin.RAdmin.20 : Cleaned with backup
C:\WINDOWS\SYSTEM32\r_server.exe -> Not-A-Virus.RiskWare.RemoteAdmin.RAdmin.21 : Cleaned with backup


::Report End


F-Secure:

C:\!Submit\876004.exe Trojan-Dropper.Win32.VB.gg

C:\!Submit\SSK3_B5 Advagency.exe Trojan-Dropper.Win32.Small.qn

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038641.dll Trojan.Win32.Kolweb.b

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038644.dll Trojan.Win32.Kolweb.a

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038668.exe Trojan-Dropper.Win32.VB.gg

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038670.exe Trojan-Dropper.Win32.Small.qn

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038874.exe Trojan-Downloader.Win32.Dyfuca.ei

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038875.ocx Trojan-Downloader.Win32.Agent.ex

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038876.exe Trojan-Dropper.Win32.Small.qn

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038877.exe Trojan-Downloader.Win32.IstBar.gen

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038883.sys Trojan.Win32.Kolweb.b

C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP922\A0038886.exe Trojan.Win32.Kolweb.b

C:\WINDOWS\SYSTEM32\Cache\e121307.Stub.exe Trojan-Downloader.Win32.Delmed.a

Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 10:33:25 PM, on 7/6/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint 3.0\Bin\LPSVS03N.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Network Associates\VirusScan\Webscanx.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\LEADTE~1\LEADTO~1.0\bin\EPRINT3.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\QUICKENW\bagent.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Kevin Sloane\My Documents\Unzipped\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ePrint 3.0 Service] C:\PROGRA~1\LEADTE~1\LEADTO~1.0\bin\EPRINT3.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Quicken Scheduled Updates.lnk = C:\Program Files\QUICKENW\bagent.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Shortcut to user.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro...usecall_pre.php (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1FB464C8-09BB-4017-A2F5-EB742F04392F} (Microsoft Terminal Services Control (redist)) - http://204.144.208.1...web/mstscax.cab
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://vail.mlxchang...ectComboBox.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay10...es/MsnPUpld.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://vail.mlxchang...ClientUtils.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7ED7005B-4AF6-4CFF-9AE0-F243C4B8260F} (HouseCallButton.setup) - http://de.trendmicro...eCallButton.CAB
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://vail.mlxchang...ol/IRCSharc.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {C7E73900-EF7C-4E63-B36E-E8EEE1CD7DA5} (MPGridControl Class) - http://vail.mlxchang...GridControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kleimer.com
O17 - HKLM\Software\..\Telephony: DomainName = kleimer.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kleimer.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = kleimer.com
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe (file missing)
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: EPrint III Service - Unknown owner - C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint 3.0\Bin\LPSVS03N.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)


#17
Wizard

  • Retired Staff
  • 5,661 posts
Locate and Delete

C:\WINDOWS\SYSTEM32\Cache\e121307.Stub.exe

Have HijackThis fix this entry

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

Go ahead and Disable System Restore
http://service1.syma...src=sec_doc_nam

Install these 2

SpywareBlaster:
http://www.javacools...areblaster.html
Update Immediately!

Winhelp2002 Hosts File
http://www.mvps.org/...2002/hosts2.htm
Just follow all the directions in the link!

Restart >> Re-enable System Restore!

Post back and let me know how things are running!