[greyknight17]

I knew that looked familiar. You have Kazaa installed? Is this the paid version or not? If not, we must remove it. It looks like it's not the paid version according to what I see being installed here.

I'll hold off on the fixing for that Panda log until I get a reply to this. Kazaa is notorious (the free download) for installing Gator and a bunch of other junk in your machine. So if it is the free one, please tell us so we can help you remove it. It's spyware and definitely bad.

[Advertisements]

It is the freeware. However, I know it was not the source of Smitfraud since I haven't used it since my last clean spybot scan several weeks ago. I would like to keep Kazaa in place since I have some components in place that would be very difficult to setup again. I definitely won't run it until we are through with the fixes you have identified. Thanks.

[Sick_of_smitty]

It is the freeware. However, I know it was not the source of Smitfraud since I haven't used it since my last clean spybot scan several weeks ago. I would like to keep Kazaa in place since I have some components in place that would be very difficult to setup again. I definitely won't run it until we are through with the fixes you have identified. Thanks.

[greyknight17]

I'm not sure how I should proceed with this fix then. Kazaa is one of the most nortorious of all spyware out there. It's bundled with so much junk and trust me, a handful of what I'm asking you to remove there are not smitfraud related. I'm sure they originated from Kazaa. As with all other spyware infected programs, removing their so-called sponsor programs might make the program malfunction. You have already removed some of it there, so I'm not sure if it did hinder Kazaa.

OK, I will see how we should approach this....

Fix the below:

Delete these if found:

C:\DOCUMENTS AND SETTINGS\HEATHER\APPLICATION DATA\tvmknwrd.dll
C:\WINDOWS\SYSTEM32\INNERVBINSTALL.LOG
C:\WINDOWS\alchem.ini
C:\WINDOWS\GatorPatch.log
C:\DOCUMENTS AND SETTINGS\HEATHER\APPLICATION DATA\Lycos

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknigh...spy/CleanUp.exe ) and install it. Run CleanUp! and click on the Options button. Uncheck 'Scan local drives for temporary files'. Also uncheck those two Newsgroup entries if you don't want to delete them. Click OK and then click on the CleanUp! button. Let it run. After it's done, choose Yes to logoff.

You should be better after doing that. But again with Kazaa, I'm not sure if it reinstalls anything back, but I doubt it. If it doesn't work, I could see you reinstalling it right now You will get reinfected again once you do that. That's why I highly suggest that you remove this P2P program at all costs.

It's your call....

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools provided.

Are there any problems now? If not, you should be set to go.

[Sick_of_smitty]

First, thanks for proceeding with the assistance. I know there is nothing more frustrating than a student that won't listen. I truly appreciate all your time and efforts.

Spybot still shows it. However, I seemed to remember some mentions of false positives as I was surfing forums before I hooked up with you. While Spybot was running just now I searched on Spybot, Smitfraud, "false positive" and came up with several references discussing why spybot in particular would find a false positive after the files were cleaned. I don't have any more symptoms and I feel I have already taken up too much of your time. Unless you feel there is reason to go on, I am comfortable closing this as "close enough" and hopefully in a future update of one of the scan programs, they will be able to take care of the rest.

Thanks again for all your assistance.

[greyknight17]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.