Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Ewido and HiJackthis [RESOLVED]


  • This topic is locked This topic is locked

#1
Granz00

Granz00

    Member

  • Member
  • PipPipPip
  • 226 posts
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 3:43:27 PM, 10/7/2005
+ Report-Checksum: 77D09080

+ Scan result:

HKLM\SOFTWARE\Classes\MediaAccX.Installer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccX.Installer\CLSID -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\YSBactivex.Installer -> Spyware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\Classes\YSBactivex.Installer\CLSID -> Spyware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll\\.Owner -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll\\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaTicketsInstaller.ocx\\.Owner -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaTicketsInstaller.ocx\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/mfc42.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msvcrt.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/olepro32.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKU\S-1-5-21-4136544386-2646945714-2251789952-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{10E42047-DEB9-4535-A118-B3F6EC39B807} -> Spyware.SideFind : Cleaned with backup
HKU\S-1-5-21-4136544386-2646945714-2251789952-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000EF1-0786-4633-87C6-1AA7A44296DA} -> Spyware.FavoriteMan : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\robtrckl.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\Cache\AAE4A626d01 -> Spyware.Trymedia : Cleaned with backup
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\Cache\FC2C8F69d01 -> Spyware.Hijacker.Generic : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Gator : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Bpath : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sjys7h0b.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.5:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\p080b9n8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\p080b9n8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\p080b9n8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7c728-2a5d4246.class -> TrojanDownloader.Small.wv : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\2 Flash Games.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\3D SexVilla 11.00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Absolute Video Converter 2.5.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Adobe Acrobat Reader 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Adobe Audition 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Adobe Photoshop CS Classroom In A Book.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Adobe Photoshop CS2 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Advanced Uninstaller Pro 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Album Rammstein - Mein Teil.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Amy Grant - Hearts in Motion.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Animals 1600 High Resolution Photogra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ashampoo PowerUp XP Platinum 2 2.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\avast! Professional Edition 4.6.691.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Axialis IconWorkshop 5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Azureus 2.3.0.5 Beta 36.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Black and Gray Icons.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\BMP ICO Converter 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\BubbleDiff 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\CAD2Shape 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Caligula.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\CDMenuPro 4.00.09.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Cerberus FTP Server 2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Cindy Lauper - A Night To Remember.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Cinema 4D 9.507 Production Bundle.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Clock Tray Skins.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\CloneDVD 2.4.5.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Dark Blue World.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\De-Phazz - Death By Chocolate.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\DJ HipHop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\DVD X Studios CloneDVD 3.6.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Easy Autorun Creator 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Easy WaterMark 3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\EasyFile Sharing Web Server 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Elecard MPEG Player 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Eminem 14 Videoclips.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Essential Fonts for Designers.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\FairStars Audio Converter 1.52.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Fifa 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\FileMaker Pro 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Flash Decompiler 2.0.0.231.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Flash Web Design The Art Of Motion Gr.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\FlashFXP 3.4 Beta 3 (3.3.3 build 1100).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Fresh Download 7.38.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\FTPRush 1.0.571.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Game Development with ActionScript.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\GetRight 5.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Green Day - International Superhits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\HDDLife Pro 2.5.74.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\High Impact Email Pro 3.2.212.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Internet ScreenSaver Builder 5.10.040901.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\InterVideo DVDCopy Platinum 3.0 B016.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\IpInterceptor 2.1.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Kaspersky Anti-Hacker 1.5.119.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Kenny G - Greatest Hits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Learn Microsoft Visual C++ 6.0 Now.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\LimeWire Pro 4.9.30.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\LinkLines 1.19.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\LiteMail 2.41.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Maillist Duplicates Remover 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Make Easy Money with Google Using the.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Maxthon 1.5.0 Build 90 Combo.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\MedianSoft Joiner-Converter 2.7.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\MegaLeecher 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Messenger Detect 1.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Microsoft Office Pro 2003 (5in1).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Microsoft Office XP 2003.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Microsoft Windows Vista Beta 1 - 22082.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Microsoft Windows XP Tools 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Midi for Mobiles.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Motorhead - Hammered.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\MP3 Filter 4.2.1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\MsnFreezer.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Nero 7 Ultra Edition (Origional one).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Nero 7 Ultra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Net Monitor for Employees Pro 2.21.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Norton AntiVirus 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Norton Application Removal Tool.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Norton Ghost 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Norton internet security 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\nVidia ForceWare 81.84 Graphics Driver.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Panda Platinum Internet Security 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\PC Adrenalin 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\PC Repair v 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Perfect Keylogger 1.6.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Photoshop Restoration & Retouching.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\PicDownloader 4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Pool 3D Training Edition 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Popup Ad Stopper 9.80.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\PyroTrans 2.14.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\R-Wipe and Clean 5.5.1181.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\RealPlayer 10.5 Gold.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Reasonable Software House NoC.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Registry Mechanic 5.0.0.136.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Reohix Customer Backup 1.10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\RiotBall 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Roger Waters - Flickering Flame.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\RPN Engineering Calculator 6.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Saeta Del Ruiseñor (Joselito).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\SearchMaestro 1.1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Serv-U 5.2.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Shall We Dance.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\ShareAlarmPro 1.5.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Shrek 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Sigur Ros - Von.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Simple Red - Greatest Hits.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Smart HTTP Debugger 1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Solidworks 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\SolSuite 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Sorenson Squeeze Compression Suite 4.2.301.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\SpeedUpMyPC 2.04.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Spinto Band - Nice and Nicely Done.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\SpyRemover 2.43.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Spyware Doctor 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Steve Vai - Fire Garden.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Symantec Norton AntiVirus 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Symantec Norton GoBack 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\system of a dawn- system of a down.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\System of a Down - Mesmerize.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\System Safety Monitor 2.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\The Fast PC Linker.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Trillian Pro 3.1.0.121.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Trillian Pro 3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\TurboCAD Pro 11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\TweakNow PowerPack 2005 Pro 1.6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead Burn Now 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead COOL 360.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead MediaStudio Pro 7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead MediaStudio Pro 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead Photo Explorer 8.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead PhotoImpact 10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead Video Studio 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Ulead VideoStudio 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\uTorrent 1.1.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\ViceVersa Pro 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\VMware Workstation 4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\VoiceMask Pro 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\VueScan Professional Edition 8.3.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Wake of Death.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Web Cache Illuminator 4.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Winamp Pro 5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\WinCHM 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Windows Update Fix.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Windows XP 64-bit pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\WinHex 12.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\WinPatrol 9.7.3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\WinSpeedUp 2.63.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\WinTools.net Professional 6.3.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\X Video Joiner (AVI MPEG WMV Video Joiner).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Xerox & Illumination - XI.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\XoftSpy 3.44.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot All Video to VCD DVD Creator and Burner 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot AVI to VCD DVD Converter 2.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot AVI to VCD DVD Converter.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot Photo to VCD DVD Converter.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot RM to VCD DVD Converter2.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Complete\Zealot WMV to VCD DVD Converter17.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Ad-aware Pro Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Acrobat Reader crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Golive v6.0 Keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Illustrator v10.0 Time Limit Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe ImageReady v1.0 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe PageMaker v7.0 Keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Photoshop 7 keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Photoshop all.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Adobe Serial Generator v2.0.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Age of Empires II The Age of Kings NO CD crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Age Of Mythology - The Titans no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Age Of Mythology no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Alias Acclaim crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\All Macromedia Products Keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Anti-Trojan 4.0.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Avant Browser.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Backyard Baseball 2003 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Battlefield 1942 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Battlefield Vietnam EA Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Battlefield Vietnam Multiplayer Online Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Besieger Strategy DreamCatcher Interactive crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Blinx 2 - Masters of Time & Space Microsoft crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Blitzkrieg - Burning Horizon Strategy CDV Software GmbH crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Call of Duty Activision crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Call Of Duty no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\City of Heroes Role-Playing NCsoft crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Civilization III crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Classic NES Series - The Legend of Zelda GBA Role-Playing Nintendo crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\CloneDVD v1.x crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Command & Conquer - Generals no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Command & Conquer - Generals Zero Hour no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Command & Conquer - Generals Zero Hour Strategy EA Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Counter-Strike Condition Zero Keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Credit card generator.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Crusader Kings Strategy Paradox Entertainment crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Cubase Audio XT 3.X crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dark Age Of Camelot - Trials Of Atlantis no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dark Matter - The Baryon Proj crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Deus Ex Invisible War NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Diablo 2 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\DivX Player and Codec.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Doom 3 Activision crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Doom 3 NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Download Accelerator Plus (spyware free).exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dragon Ball Z - Budokai 3 Atari crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dragon Warrior VIII Role-Playing Square Enix crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\DRIV3R Atari crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dungeon Lords Role-Playing DreamCatcher Interactive crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Dungeon Siege no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Enter the Matrix Atari crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\ESPN NFL 2K5 Sega crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\F.E.A.R. VU Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Fable Role-Playing Microsoft crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Far Cry Ubisoft crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Final Fantasy VII - Advent Children PSP Role-Playing Square Enix crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Final Fantasy XI - Square Enix USA no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Final Fantasy XII Role-Playing Square Enix crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Fire Emblem - Seima no Kouseki GBA Role-Playing Nintendo crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP 2 RC2 Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP v1.4.1 Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP v1.4.3 Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP v2.0 Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP v2.1 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashFXP v2.2 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\FlashGet.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Forgotten Realms - Demon Stone Atari crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Forgotten Realms - Demon Stone crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Freedom Force no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Front Mission 4 Strategy Square Enix crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Full Spectrum Warrior Strategy THQ crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Geist GC Nintendo crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Goblin Commander - Unleash the Horde Strategy Jaleco Entertainment crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Gran Turismo 4 SCEA crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Grand Theft Auto - San Andreas Rockstar Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Grand Theft Auto 3 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Grand Theft Auto III no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Grand Theft Auto San Andreas NO CD crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Grand Theft Auto Vice City NO CD crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\GTA crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Half-Life 2 Keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Half-Life 2 NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Half-Life 2 VU Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Halo - Combat Evolved - Microsoft no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Halo 2 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Harry Potter & The Sorcerers Stone no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Harry Potter and the Prisoner of Azkaban Adventure EA Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Harry Potter and the Sorcerers Stone no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Heroes of Might & Magic IV no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Hidden & Dangerous 2 NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Icewind Dale 2 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\ICQ 4.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\ICQ Pro 2003b.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\iMesh patch.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Jedi Academy NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Joint Operations - Typhoon Rising NovaLogic crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Juiced Acclaim crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Kingdom Hearts II Role-Playing Square Enix crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Knights Apprentice Memoricks Adventures Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\LimeWire server scanner.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia ColdFusion MX crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Contribute v2.0 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Director 8 Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Dreamweaver 4.0 Patch.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Dreamweaver MX v6.0 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Dreamweaver UltraDev 4.0 Patch.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Fireworks 4.0 Patch.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Flash All Versions keygen.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Flash MX v6.0 crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia Flash SWF-Unprotect v2.0.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Macromedia FreeHand v10 Loader.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Madden NFL 2003 no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Madden NFL 2005 EA crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Mafia no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Malice Mud Duck Productions crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Mario Pinball Land GBA Puzzle Nintendo crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Mario Tennis GC Nintendo crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Matrix Screensaver.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Max Payne 2 Fall Of Max Payne no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Max Payne 2 NO CD Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Max Payne 2 The Fall of Max Payne NO CD crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\MaxPayne 2 The Fall Of Max Payne Crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\McFarlanes Evil Prophecy Konami crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Medal Of Honor - Allied Assault no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Medal Of Honor - Allied Assault BreakThrough no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Medal Of Honor - Allied Assault no cd crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Medal of Honor Pacific Assault EA Games crack.exe.tcf -> Worm.Krepper.c : Cleaned with backup
C:\Documents and Settings\Administrator\Shared\Medal of Honor- Allied Assault no cd crack.e
  • 0

Advertisements


#2
Granz00

Granz00

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 226 posts
Logfile of HijackThis v1.99.1
Scan saved at 3:49:23 PM, on 10/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {00000000-0000-4CC2-9F39-7D4F255E6011} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
O2 - BHO: (no name) - {57D6B5A9-1D00-75FD-46E3-53AE4A8DD9AE} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67FB85AA-3045-43BC-6BD6-638372B5F498} - (no file)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: DriveSelect.lnk = C:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {62CE3CBC-B889-423A-9457-2FE7A731BBD8} (UpdateStart Class) - http://eng.pristonta...pristontale.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHelper.dll
O16 - DPF: {8B486EF6-6B2A-4A1E-BB0D-236CB2DBB8D2} (There Voice Trainer) - file://c:\Program Files\There\ThereClient\ThereVoiceTrainer.dll
O16 - DPF: {AAF421E6-7914-430A-9981-72B31AFF3BF4} (There Launcher) - file://c:\Program Files\There\ThereClient\ThereLauncher.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
  • 0

#3
Trevuren

Trevuren

    Old Dog

  • Retired Staff
  • 18,699 posts
Hi GANZOO and welcome to the Geeks to Go Forums.

My name is Trevuren and I will be helping you with your log.

1. Please DELETE your current HJT program from its present location.

2. Download and run the following HijackThis autoinstall program from Here . Please choose the default location of C:\Program Files\ as the destination. HJT needs to be in its own folder so that the program itself isn't deleted by accident. Having the backups could be VITAL to restoring your system if something went wrong in the FIX process!
  • Run HijackThis
  • Click SCAN and SAVE LOG. (a notepad window will open with the log in it when you click Save Log) (Ctrl-A to'select all', Ctrl-C to 'copy')
  • POST the log into this thread using 'Add Reply' (Ctrl-V to 'paste')

DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL WE CHECK THE LOG, AS MOST OF THE FILES ARE LEGIT AND VITAL TO THE FUNCTION OF YOUR COMPUTER


Regards,

Trevuren

  • 0

#4
Granz00

Granz00

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 226 posts
Logfile of HijackThis v1.99.1
Scan saved at 4:50:48 PM, on 10/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {00000000-0000-4CC2-9F39-7D4F255E6011} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
O2 - BHO: (no name) - {57D6B5A9-1D00-75FD-46E3-53AE4A8DD9AE} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67FB85AA-3045-43BC-6BD6-638372B5F498} - (no file)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: DriveSelect.lnk = C:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {62CE3CBC-B889-423A-9457-2FE7A731BBD8} (UpdateStart Class) - http://eng.pristonta...pristontale.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHelper.dll
O16 - DPF: {8B486EF6-6B2A-4A1E-BB0D-236CB2DBB8D2} (There Voice Trainer) - file://c:\Program Files\There\ThereClient\ThereVoiceTrainer.dll
O16 - DPF: {AAF421E6-7914-430A-9981-72B31AFF3BF4} (There Launcher) - file://c:\Program Files\There\ThereClient\ThereLauncher.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

#5
Trevuren

Trevuren

    Old Dog

  • Retired Staff
  • 18,699 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.


I have included LimeWire in the fix. The older versions came bundled with spyware. The newer version is clean. If you have the newer version of LimeWire just disregard all entries pertaining to this program.
  • First we need to make all files and folders VISIBLE:
    • Go to start>control panel>folder options>view (tab)
    • Choose to "show hidden files and folders,"
    • Uncheck the "hide protected operating system files" and the "hide extensions for know file types" boxes.
    • Close the window with ok
  • Please RUN HijackThis.
    . Click the SCAN button to produce a log.

  • Place a check mark beside each one of the following items:

    O2 - BHO: (no name) - {00000000-0000-4CC2-9F39-7D4F255E6011} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
    O2 - BHO: (no name) - {57D6B5A9-1D00-75FD-46E3-53AE4A8DD9AE} - (no file)
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: (no name) - {67FB85AA-3045-43BC-6BD6-638372B5F498} - (no file)
    O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
    O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
    O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHelper.dll



  • Now with all the items selected, and all windows closed except for HJT, delete them by clicking the FIX checked button. Close the HijackThis window.

  • Reboot Your System in Safe Mode

    How to use the F8 method to Start Your Computer in Safe Mode

    • Restart the computer.
    • As soon as BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.
    • Use the arrow keys to select the Safe mode menu item
    • Press Enter.
  • Using Windows Explorer, locate the following files/folders, and DELETE them (if they are present):

    C:\Program Files\winupdates\winupdates.exe
    ALCXMNTR.EXE<==You will have to Search for this one
    C:\Program Files\LimeWire<===Folder
    C:\Program Files\Updates from HP\137903<===Folder


  • Exit Explorer, and REBOOT BACK INTO NORMAL MODE

  • Finally, RUN Hijackthis again and produce a new HJT log. Post it in the forum so we can check how everything looks now.
Regards,

Trevuren

  • 0

#6
Granz00

Granz00

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 226 posts
Logfile of HijackThis v1.99.1
Scan saved at 5:29:00 PM, on 10/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
O4 - Global Startup: DriveSelect.lnk = C:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z....llInstaller.exe
O16 - DPF: {62CE3CBC-B889-423A-9457-2FE7A731BBD8} (UpdateStart Class) - http://eng.pristonta...pristontale.cab
O16 - DPF: {8B486EF6-6B2A-4A1E-BB0D-236CB2DBB8D2} (There Voice Trainer) - file://c:\Program Files\There\ThereClient\ThereVoiceTrainer.dll
O16 - DPF: {AAF421E6-7914-430A-9981-72B31AFF3BF4} (There Launcher) - file://c:\Program Files\There\ThereClient\ThereLauncher.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

#7
Trevuren

Trevuren

    Old Dog

  • Retired Staff
  • 18,699 posts
Your log looks good. If you have no more malware-related problems that you are aware of, just give me the OK and we can start the final but essential cleanup procedures.

Trevuren
  • 0

#8
Granz00

Granz00

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 226 posts
Ok I got a firewall now and no malware problems so just tell me what to do.
  • 0

#9
Trevuren

Trevuren

    Old Dog

  • Retired Staff
  • 18,699 posts
Congratulations, your log shows that your SYSTEM IS CLEAN

There are a few things you must do once you are completely clean:

1. Re-hide your System Files and Folders to prevent any future accidents.

Reconfigure Windows XP to hide hidden files:
  • Click Start. Open My Computer.
  • Select the Tools menu and click Folder Options. Select the View Tab.
  • Under the Hidden files and folders heading deselect "Show hidden files and folders".
  • Check the "Hide protected operating system files (recommended)" option.
  • Click Yes to confirm. Click OK.
2. Reset and Re-enable your System Restore to remove bad files from the backup that Windows makes as no program is able to clean those files:

TO DISABLE SYSTEM RESTORE
  • Right-click "My Computer", and then left click "Properties".
  • Left click on "System Restore Tab"
  • Check box beside "Turn Off System Restore"
  • Left click on "Apply"
TO ENABLE SYSTEM RESTORE
  • Remove check mark from "Turn Off System Restore"
  • Click on "Apply"
Here are some tips to reduce the potential for spyware infection in the future:

Make sure you keep your Windows OS current by visiting Windows update
regularly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.

I strongly recommend installing the following applications:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
  • How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
To protect yourself further:
  • Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
And also see TonyKlein's good advice
So how did I get infected in the first place? (My Favorite)

Regards,

Trevuren

  • 0

#10
Trevuren

Trevuren

    Old Dog

  • Retired Staff
  • 18,699 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP