I'm using Windows 2000
Incident Status Location Spyware:Spyware/Virtumonde No disinfected C:\Documents and Settings\Administrator\Lokale innstillinger\Temp\backups\backup-20050920-000421-138.dll
Spyware:Spyware/Virtumonde No disinfected C:\Documents and Settings\Administrator\Lokale innstillinger\Temp\backups\backup-20050920-000511-783.dll
Dialer:Dialer.RV No disinfected C:\Documents and Settings\Administrator\Skrivebord\beats\backup-20040602-172450-394.inf
Adware:Adware/CssWeb No disinfected C:\Documents and Settings\Administrator\Skrivebord\beats\backup-20040602-172450-650.dll
Adware:Adware/CssWeb No disinfected C:\Documents and Settings\Administrator\Skrivebord\beats\backup-20040911-223430-738.dll
Adware:Adware/CssWeb No disinfected C:\WINNT\Downloaded Program Files\cssweb.dll
Spyware:Spyware/BetterInet No disinfected C:\WINNT\inf\banner.inf
Adware:adware/sbsoft No disinfected C:\WINNT\rdt.ini
Spyware:Spyware/Virtumonde No disinfected C:\WINNT\system32\qopqo.dll
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O2 - BHO: MSEvents Object - {52B1DFC7-AAFC-4362-B103-868B0683C697} - C:\WINNT\System32\qopqo.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O8 - Extra context menu item: Last ned alle med FlashGet - C:\Programfiler\FlashGet\jc_all.htm
O8 - Extra context menu item: Last ned med FlashGet - C:\Programfiler\FlashGet\jc_link.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programfiler\AIM95\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O15 - Trusted Zone: http://www.danceclassics.net
O20 - Winlogon Notify: qopqo - C:\WINNT\System32\qopqo.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINNT\System32\MsiExec.exe (file missing)
Edited by Uncut, 20 September 2005 - 09:05 AM.