Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93104 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved]My Hijackthis Log For Checking Please


  • This topic is locked This topic is locked
10 replies to this topic

#1 2nutz

2nutz

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 23 July 2007 - 11:48 PM

Hi folks, I feel certain something has creeped into my computer despite running all the recommended software.Could you check this log out for me please. Thanks ! :thumbup:

Logfile of HijackThis v1.99.1
Scan saved at 3:35:00 PM, on 24/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\TV4STU~1\MImpPRO\MIProHst.exe
C:\Program Files\Trojan Remover\Trjscan.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.zoomerang...=WEB224ASTH6QXB
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\programs\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [MImpPro] C:\PROGRA~1\TV4STU~1\MImpPRO\MIProHst.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\programs\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Html To Image - C:\Program Files\Html To Image\menu.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\programs\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\programs\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Program Files\Messenger2\im2_ie_plugin.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Store link with e-Stalker - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\programs\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=iehomepage&c=3C01&lc=0c09
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\programs\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: fsp_lmwl - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeActiveFileMonitor5.0 - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dopewars server (dopewars-server) - Unknown owner - C:\Program Files\dopewars-1.5.12\dopewars.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVSvc - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XI.SP3\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XI.SP3\RpcSandraSrv.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    Advertisements

Register to Remove


#2 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 06 August 2007 - 04:42 AM

Hello and welcome to the forum.

Sorry about the delay in responding

If you still need help, Scan again with HijackThis, and "copy/paste" a new log file into this thread.

Please make a uninstall list using HijackThis
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in a reply.


Also please describe how your computer behaves at the moment.
You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

#3 2nutz

2nutz

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 06 August 2007 - 07:01 PM

Thanks for helping me out! I guess everything has really slowed down, and considering I had recently popped in an extra 512mb for 1024mb of memory I assume something else is playing up?

Ok here is the fresh log

Logfile of HijackThis v1.99.1
Scan saved at 10:56:42 AM, on 7/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Futuremark\3DMark03\3DMark03.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\programs\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\programs\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Html To Image - C:\Program Files\Html To Image\menu.htm
O8 - Extra context menu item: MasterCook: Select Image - C:\Program Files\MasterCook 9\Web\MCIEContext.hta
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: WebPod Studio - {193B17B0-7C9F-4D5B-AEAB-8D3605EFAAA} - C:\PROGRA~1\WEBPOD~1\wpc.exe
O9 - Extra 'Tools' menuitem: Launch WebPod Studio - {193B17B0-7C9F-4D5B-AEAB-8D3605EFAAA} - C:\PROGRA~1\WEBPOD~1\wpc.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\programs\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\programs\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Program Files\Messenger2\im2_ie_plugin.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Store link with e-Stalker - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\programs\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: MasterCook Web Import Bar - {E6EF5071-7647-4E85-9785-87B6CF5CB561} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=iehomepage&c=3C01&lc=0c09
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\programs\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: fsp_lmwl - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeActiveFileMonitor5.0 - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dopewars server (dopewars-server) - Unknown owner - C:\Program Files\dopewars-1.5.12\dopewars.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVSvc - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\system32\Wintab32.exe (file missing)

The Uninstall List

"Doras Carnival Adventure (remove only)"
"Doras Rapido River Rafting Race (remove only)"
© MDGx Tricks + Secrets
1001 Tangram Puzzles
3DMark03
ABC Amber EPS Converter
ABC Amber LIT Converter
AC3Filter (remove only)
ACDSee 9 Photo Manager
Active WebCam
Ad-Aware SE Professional
ADG Aspect 5.0.0.73
Adobe Acrobat 8.1.0 Professional
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Common File Installer
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Center 2.1
Adobe Help Viewer CS3
Adobe Illustrator 9.0
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Photoshop Elements 5.0
Adobe Reader 7.0.8
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos 1.0
Adobe Stock Photos CS3
Adobe SVG Viewer
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced File Organizer 3.0
Advanced Gomoku version 2.4
Advanced Video Poker
Airport Tycoon 3
Alien Skin Blow Up
Alien Skin Exposure
Alien Skin Eye Candy 5 Impact
Alien Skin Eye Candy 5 Nature
Alien Skin Eye Candy 5 Textures
Alien Skin Image Doctor
Alien Skin Snap Art
Alien Skin Xenofex 2.0
Animaatiokone Studio
Anime Studio Pro 5.5
Anim-FX
Antenna
AnyDVD
Apple Software Update
Aquarium Lab 2.0
AQUAZONE "Reef Fish Pack"
A-Ray Scanner 2.0.2.3
Arensus Crossword Puzzle Editor 1.1
Arkadia
Artizen HDR 2.4.11
ArtRage 2
ArtRage 2.1
Ashampoo Movie Shrink & Burn 2005
AstroPop Deluxe 1.0
AT&T Labs' Natural Voices - Desktop 1.4 Redist
Atmosphere Deluxe v6.0
Atomica Deluxe 2.52
ATT 1.4 Engine Only (no voices)
Audacity 1.2.6
Autodesk 3ds Max 8
Autodesk DWF Viewer
AutoHotkey 1.0.46.10
AutoPlay Menu Builder
AVG 7.5
AVG Anti-Spyware 7.5
AVI DVD Burner 2007 ver 2.23
AviSplit Classic Version 1.43
AVS Audio Recorder version 3.7
Backburner
Backspin Billiards
Backyardigans Mission to Mars (remove only)
Ballance (remove only)
Batch Watermark Creator 5.5.2
BDE Utils 1.1
Beetle Bomp (remove only)
Bejeweled 2 Deluxe 1.0
Bejeweled Deluxe 1.862
Bet Recorder
BetTracker 2.1
Big Money Deluxe
Big Money Deluxe 1.3
Bigfish Games Miss Management
Bit Che
BlueSoleil
Book Writer 4.00
BookWorm Deluxe 1.03
Box Shot 3D
BoxMaker Classic Version 1.2
Brain Train Age V3.20
Butterfly Escape 1.0
By-A-Nose AU 4.2.0
Cake Mania
Cake Mania Back to the Bakery (remove only)
Camtasia Studio 4
Canon CanoScan Toolbox 4.1
Canvas X
CardShark
Cartoonist 1.2
CBC Content Pack - CBC Fun Pack #1
CBC Content Pack - CBC Penguins
CBC Content Pack - CBC Pets - Dogs
CCleaner (remove only)
Chameleon
Chuzzle Deluxe 1.0
Circulate 1.09.1
Classic Menu 1.51 for Office
CoffeeCup Web Video Recorder
Comic Book Creator Content Pack - Bluetorch
ConceptDraw MINDMAP 5 Professional
ConceptDraw Reporter Trial
ConceptDraw WebWave Trial
CopyProfile
Corel Paint Shop Pro Photo XI
Corel Painter IX
C-Organizer Pro v 3.7.0
Crazy Lunch 1.0
Crazy Machines
CrazyTalk v4.5 Media Studio
Crime Puzzle 1.0
Crossword Forge 5.1.9
CTP Pro 1.8
Cubology 1.10.1
Cue Club
Custody Toolbox 2.1.4
CyberMotion 3D-Designer v.12.0
DART Karaoke Studio CDG
DATA BECKER Your Handwriting II
dBpoweramp Music Converter
Decorator
Delicious Deluxe
Diego`s Dinosaur Adventure (remove only)
Diego`s Wolf Pup Rescue (remove only)
Diego’s Rescue Adventure 3-D
DigiCel FlipBook 4.5
Diner Dash - Flo on the Go (remove only)
DiscAPI (Studio 10)
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documeron 2.1
dopewars-1.5.12
Dora the Explorer 3D Pyramid Adventure (remove only)
Dora`s Magic Castle (remove only)
Dora`s World Adventure (remove only)
Doras Star Catching Game (remove only)
Dragon
Dragon Dollars 5 v.18.5.24.12
Duplicate File Remover 1.2
DVD Decrypter (Remove Only)
DVD Presenter
DVD Shrink 3.2
DVD-CLONER V4.40 Build 920
Dynomite Deluxe 2.71
Each Way Tipping System 7.2.2.2
ebgcInfra
ebgcRes
ebgcSDK
Eets
eGames Mini Golf Master 2
Elprime Media Recovery 1.0
Engage (v1.2.2.87)
EPSON Printer Software
e-tax 2007
EzGenerator Trial 2.8
FaceFilter Studio 2
FaceGen Modeller 3.1
FairUse Wizard 2
Fantastic Flame Screensaver
ffdshow [rev 1299] [2007-06-17]
FileDownloader 1.9
FileZilla (remove only)
Final Draft 7
Find and Delete (Remove) Duplicate Files Software 7.0
FinePrint
Firebird SQL Server - MAGIX Edition 2.0.0.1 (US)
Flash Decompiler
Flash Effect Maker Pro v3.2560 Free (560 Templates)
Flash Games 1.0
FlashGet(JetCar)
FlashGet(Jetcar) 1.80
Flower Shop Big City Break
FLV Player 1.3.3
Folder Marker Home v 2.0
Font Creator 5.0
Font Fitting Room Deluxe
Font Xplorer Demo 1.2.2
Fontonizer
Forum Promoter Demo
Funny Faces
FunPhotor 3.8
Gadget Buster 1.0
GameHouse Games Collection: Academy of Magic
GameHouse Games Collection: Adventure Inlay
GameHouse Games Collection: Adventure Inlay - Safari Edition
GameHouse Games Collection: Air Strike 3D
GameHouse Games Collection: Alien Sky
GameHouse Games Collection: Aloha Solitaire
GameHouse Games Collection: Aloha TriPeaks
GameHouse Games Collection: Ancient Tri-Jong
GameHouse Games Collection: Ancient Tripeaks
GameHouse Games Collection: Astrobatics
GameHouse Games Collection: Atlantis
GameHouse Games Collection: Atomaders
GameHouse Games Collection: Bejeweled 2
GameHouse Games Collection: Bewitched
GameHouse Games Collection: Big Kahuna Reef
GameHouse Games Collection: Boggle Supreme
GameHouse Games Collection: Bounce Out Blitz
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Chainz
GameHouse Games Collection: Chainz 2 - Relinked
GameHouse Games Collection: Charm Solitaire
GameHouse Games Collection: Charm Tale
GameHouse Games Collection: Chicktionary
GameHouse Games Collection: Chuzzle Deluxe
GameHouse Games Collection: Collapse! Crunch
GameHouse Games Collection: Combo Chaos!
GameHouse Games Collection: Crystal Path
GameHouse Games Collection: Cubis Gold 2
GameHouse Games Collection: Digby's Donuts
GameHouse Games Collection: Diner Dash
GameHouse Games Collection: Feeding Frenzy
GameHouse Games Collection: Fiber Twig
GameHouse Games Collection: Five Card Deluxe
GameHouse Games Collection: Flip Words
GameHouse Games Collection: Flying Leo
GameHouse Games Collection: Fortune Tiles Gold
GameHouse Games Collection: Fresco Wizard
GameHouse Games Collection: GameHouse Sudoku
GameHouse Games Collection: Gearz
GameHouse Games Collection: Granny in Paradise
GameHouse Games Collection: Gutterball
GameHouse Games Collection: Gutterball 2
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Hello!
GameHouse Games Collection: Holiday Express
GameHouse Games Collection: Iggle Pop!
GameHouse Games Collection: Incadia
GameHouse Games Collection: Incredible Ink
GameHouse Games Collection: Insaniquarium Deluxe
GameHouse Games Collection: Inspector Parker
GameHouse Games Collection: Invadazoid
GameHouse Games Collection: Jewel Quest
GameHouse Games Collection: Lemonade Tycoon
GameHouse Games Collection: Luxor
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Magic Ball
GameHouse Games Collection: Magic Ball 2
GameHouse Games Collection: Magic Ball 2 - New Worlds
GameHouse Games Collection: Magic Inlay
GameHouse Games Collection: Magic Vines
GameHouse Games Collection: Mah Jong Adventures
GameHouse Games Collection: Mah Jong Medley
GameHouse Games Collection: Mah Jong Quest
GameHouse Games Collection: Mahjong Garden To Go
GameHouse Games Collection: Mahjong Towers Eternity
GameHouse Games Collection: Maui Wowee
GameHouse Games Collection: Phlinx To Go
GameHouse Games Collection: Pin High Country Club Golf
GameHouse Games Collection: Pizza Frenzy
GameHouse Games Collection: Platypus
GameHouse Games Collection: Poker Superstars
GameHouse Games Collection: Puzzle Express
GameHouse Games Collection: Puzzle Inlay
GameHouse Games Collection: Puzzle Solitaire
GameHouse Games Collection: QBz
GameHouse Games Collection: Reader's Digest Super Word Power
GameHouse Games Collection: Ricochet
GameHouse Games Collection: Ricochet Lost Worlds
GameHouse Games Collection: Ricochet Lost Worlds - Recharged
GameHouse Games Collection: Roller Rush
GameHouse Games Collection: Saints & Sinners Bingo
GameHouse Games Collection: SCRABBLE
GameHouse Games Collection: Shape Shifter
GameHouse Games Collection: Slingo Deluxe
GameHouse Games Collection: Spelvin
GameHouse Games Collection: Splash
GameHouse Games Collection: Spring Sprang Sprung
GameHouse Games Collection: Super 5-Line Slots
GameHouse Games Collection: Super Blackjack!
GameHouse Games Collection: Super Bounce Out!
GameHouse Games Collection: Super Candy Cruncher
GameHouse Games Collection: Super Collapse!
GameHouse Games Collection: Super Collapse! II
GameHouse Games Collection: Super Collapse! II Platinum
GameHouse Games Collection: Super Fruit Frolic
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
GameHouse Games Collection: Super Gem Drop
GameHouse Games Collection: Super Glinx!
GameHouse Games Collection: Super Letter Linker
GameHouse Games Collection: Super Mah Jong Solitaire
GameHouse Games Collection: Super Nisqually
GameHouse Games Collection: Super PileUp!
GameHouse Games Collection: Super Pool
GameHouse Games Collection: Super Pop & Drop!
GameHouse Games Collection: Super Rumble Cube
GameHouse Games Collection: Super SpongeBob Collapse!
GameHouse Games Collection: Super TextTwist
GameHouse Games Collection: Super WHATword
GameHouse Games Collection: Super Wild Wild Words
GameHouse Games Collection: Tap a Jam
GameHouse Games Collection: Ten Pin Championship Bowling Pro
GameHouse Games Collection: Tennis Titans
GameHouse Games Collection: Tradewinds 2
GameHouse Games Collection: Trivia Machine
GameHouse Games Collection: Tropical Swaps
GameHouse Games Collection: Tumblebugs
GameHouse Games Collection: Turtle Bay
GameHouse Games Collection: Twistingo
GameHouse Games Collection: Ultimate Dominoes
GameHouse Games Collection: Varmintz Deluxe
GameHouse Games Collection: Walls of Jericho, The
GameHouse Games Collection: Wheel of Fortune
GameHouse Games Collection: Word Jolt
GameHouse Games Collection: Word Slinger
GameHouse Games Collection: WordJong To Go
GameHouse Games Collection: Zuma Deluxe
Google Earth Pro
Google Video Player
GPL Ghostscript Fonts
GridLines 1.01.1
Guitar Pro 5.0
Handy Free Clock 1.5
Heavy Weapon Deluxe 1.0
Hemera Photo Clip Art
HijackThis 1.99.1
Hollywood Screenplay and StoryCraft
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB917821)
Hotfix for Windows Media Format SDK (KB922042)
Hotfix for Windows Media Format SDK (KB922814)
Hotfix for Windows XP (KB319740)
Hotfix for Windows XP (KB889527)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB903234)
Hotfix for Windows XP (KB904412)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB907865)
Hotfix for Windows XP (KB913538)
Hotfix for Windows XP (KB918005)
Hotfix for Windows XP (KB918093)
Hotfix for Windows XP (KB918766)
Hotfix for Windows XP (KB919071)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB928388)
Html To Image 2.0
Hypercosm Player 3.29
Hypercosm Teleporter for SketchUp 1.1
IBP & ARELIS 9.7.1
iCash 3.3.3
Icon Constructor 3
IconCool Studio v3.0
IconCool Studio v3.3x
IconPackager
Ideal DVD Copy V2.1
ieSpell 2.2.0 (build 647)
ImgBurn (Remove Only)
Incomedia WebSite X5
Incomedia WebSite X5 Evolution
Indianboy 2007 Presents Bigfish Yumstters Precracked
Insaniquarium Deluxe 1.0
Instant Photo Effects 2.0
interneTIFF 7.0-FREE (IE Browser)
IP Confidentiality Agreement Generator
IrfanView (remove only)
Items TV
iTunes
JAlbum
Java™ SE Runtime Environment 6 Update 1
Joes 3-D Scavenger Hunt (remove only)
Jungle Heart v1.8.1
JustDogs Demonstration
Kaspersky Online Scanner
Key Ring Creator V1.0.0
Key Ring Creator V1.0.0
KeyWords
KoolMoves 5.7.2
KPT 6
La Casa De Dora (remove only)
Learning Essentials for Microsoft Office
Light Artist 1.4
Lizardtech DjVu Control
Loquendo TTS: Dave (American English)
Loquendo TTS: Elizabeth (British English)
Loquendo TTS: Kenneth (American English)
Loquendo TTS: Simon (British English)
Lotto007 2007 9.9
Macromedia Dreamweaver 8
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
MadMagic
Magic Bullet Suite 2.1
Magic ISO Maker v5.3 (build 0214)
Magic Stones
Magic Whiteboard version 1.8
MagicDisc 2.5.74
MAGIX Podcast MAKER e-version (US)
MakeTorrent v2.1
MasterCook Deluxe 9
Masterra PostSmile 6.1
Maya 8.5 Personal Learning Edition
Maya 8.5 Personal Learning Edition Documentation (en_US)
Mazaika 3.1
MCSBudgetPlanner
Media Resizer PRO
Messenger 2 (remove only)
Messenger Plus! Live
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Bootvis
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Math
Microsoft Money System Pack
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server Desktop Engine (PINNACLESYS)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft Student 2007 for Learning Essentials
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Media Video 9 VCM
Microsoft Windows XP Video Decoder Checkup Utility
MightyFax
MIKSOFT Mobile 3GP converter
Mindgames
Mirage Studio
MirrorMixup 1.07.1
Moleskinsoft Clone Remover 2.4
MonkeyJam 3_050529
Monopoly Here & Now
Morpheus Photo Animation Suite v3.00
MotionArtist 2.0
MouseImp PRO
MozBackup 1.4.5
Mozilla Firefox (2.0.0.6)
Mozilla Sunbird (0.3)
Mozilla Thunderbird (2.0.0.6)
MPEG Video Wizard DVD
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 6.0 Parser
Mummy Maze Deluxe 1.1
Music MasterWorks v3.87
muvee autoProducer 6.1
muvee Chinese New Year stylePack
muvee Christmas stylePack
muvee coolStyles 1
muvee coolStyles 2
muvee corePack
muvee Hi-Octane stylePack
muvee Keep It All stylePack
muvee Kids stylePack
muvee Photo-Centric stylePack
muvee photoMemories stylePack
muvee Pro Classic stylePack
muvee Pro Modern stylePack
muvee Soccer stylePack
muvee Vacation stylePack
muvee Wedding stylePack
MyPhpFactory 1.0
N.I Pro-53 v3.0-OxYGeN
Nero 7 Essentials
Netbet Pro
newnovelist
NextUp-Acapela Brightspeech Heather22 US English Voice
NextUp-Acapela Brightspeech Ryan22 US English Voice
NextUp-Acapela Elan Aaron22 US English Voice
NextUp-Acapela Elan Graham22 UK English Voice
NextUp-Acapela Elan Laura22 US English Voice
NextUp-Acapela Elan Lucy22 UK English Voice
NingPo MahJong Deluxe 1.04
Noah's Ark Deluxe 1.1
Nuclear Coffee - VideoGet 2.0.2.26
Numericon
NVIDIA Drivers
OrgScheduler Pro version 3.3
OtsDJ 1.75.008
PageFour 1.50
Panda ActiveScan
PAP 4.0 Beta
PAP project files
PAP:Film 3.2
Papagayo 1.2
Paparazzi
PC Pitstop Optimize 1.5
PC User DVD DoubleShrink 1.0
PC User GoTube 1.0
PCMark04
PDF Password Remover v3.0
PDF Settings
PerformanceTest v6.1
Perpetuum Software .NET ModelKit Suite
Photo Toolkit 1.6
PhotoBrush
PhotoKit Color 2 Plug-In Module
PhotoRazor
PhotoShape Classic Version 1.1
PHP Designer 2007 - Professional - version 5.0.3
PianoFX STUDIO 4.0
Picasa 2
Pinnacle Instant DVD Recorder
Pinnacle MediaServer
Pinnacle PCI Performance Enhancer
Piranesi 5
PitchPerfect Uninstall
Pivot Stickfigure Animator
Pizza Panic
Plato Video To 3GP Converter Free 3.45
PNG MNG Construction Set
Popims Animator
Posh Shop
PowerDVD
PowerISO
PPFA_Buster version 2.0.0
PPJ version 2.6.0
Practical Sports Betting Calculator
Project Dogwaffle Professional
QUAKE 2007
QuickTime
RacetextUni
RAPID (Studio 10)
RapidCheck v0.4
ReadyToPrint Organizer
RealArcade
Real-Draw PRO 4.0
Registry Mechanic 5.2
Resize Your Picture
Restaurant Empire (remove only)
Rocket Bowl
Rocket Mania Deluxe 1.02
Roll6
Room Arranger
Saints & Sinners Bowling
SecondLife (remove only)
Security Update for Excel 2007 (KB934670)
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Office 2007 (KB934062)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Serif DrawPlus 8
Serious Magic Ultra 2
Seven Seas Deluxe 1.13
Shark - Hunting the Great White
Shave And A Haircut for Maya 8.5
Shoot the Roach
ShopFactory V5 Developer
SiteHound for FireFox 1.5.0
Sketch
SketchUp 5
Skype™ 3.2
SLang 2
Slots_London 2.0
SmartDraw 7
SmartDraw PDF Filter
SmartSound Quicktracks Plugin
SnagIt 8
Snapshot Adventures
Snowy Lunch Rush
Snowy The Bears Adventure
Snowy Treasure Hunter
Snowy Treasure Hunter 2
Snowy. Fish Frenzy
Snowy. Puzzle Islands
Snowy. Space Trip
Sony ACID Pro 6.0
Sony CD Architect 5.2
Sony Cinescore 1.0
Sony Cinescore Plug-In 1.0
Sony DVD Architect 4.0a
Sony Media Manager 2.2
Sony Sound Forge 8.0d
Sony USB Driver
Sony Vegas 7.0
Sorenson Squeeze 4.5
Sothink SWF Decompiler
Sothink SWF Quicker
SoundMAX
SpeedCommander 11
Spinner the Space Kid (remove only)
Splat! 1.0
SpongeBob SquarePants Typing
Springboard
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Stamp
Stand O`Food (remove only)
Sticky Password 3.3
Stop Motion Pro v5.1 Trial
Studio 10
Stun Attack
Sudoku Challenge
Suite Specific
SUPER © Version 2007.bld.21 (Jan 4, 2007)
Sweetopia
Swift 3D v4.50
SWiSHmax
System Requirements Lab
Tales Animator 2.0
Teleport Pro
Ten Thumbs 4.3.1
TestLog V3.0 build 1008
Tetris 5000(v1.10 full version)
TextAloud
Text-To-Speech-Runtime
The Flash Ad Creator
The GIMP 2.2.13
The Logo Creator v4
The Logo Creator v5
The Movies™ Demo
The Panorama Factory V4 m32 Edition
the TAB 2.2
Thinstall Virtualization Suite
Tiks Texas Hold Em
Titan Backup
Track Database 1.1
TrackWatcher 2.0
Tropical Puzzle 1.09
TubeHunter
TuneUp Utilities 2007
Turtix
Tux Paint 0.9.16
Tux Paint Stamps 2006-10-21
TVPaint Animation
TwistedBrush
Typer Shark Deluxe 1.02
Ulead DVD MovieFactory 5 Plus
Ulead GIF Animator 5
Ulead PhotoImpact 12
Ulead VideoStudio 10
Ultimate Solitaire
Uniblue RegistryBooster 2
Update for Office 2007 (KB932080)
Update for Office 2007 (KB933688)
Update for Office 2007 (KB934391)
Update for Office 2007 (KB934393)
Update for Outlook 2007 (KB933493)
Update for Outlook 2007 Junk Email Filter (KB934655)
Update for Windows XP (KB897663)
Update for Windows XP (KB920342)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Word 2007 (KB934173)
USB Tablet Driver
User Profile Hive Cleanup Service
vanBasco's Karaoke Player
Vertus Fluid Mask 3 2.100.1-RC1
VFRUN66BI
VideoAvatar
Viewpoint Media Player
Visual Money 2.3
Web Page Maker V2.3
Web Photo Posting
Web Weaver EZ
webcamXP 2007
WebHopper Classic
WebPod Studio - Professional
Weight Commander 8.0
Wild West Adventure
WinAVIVideoConverter
Windows Communication Foundation
Windows Defender Signatures
Windows Imaging Component
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB896097
Windows Media Player 10 Hotfix - KB888656
Windows Media Player 10 Hotfix - KB895316
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Creativity Fun Packs - Windows Movie Maker 2
Windows XP Hotfix - KB884020
Windows XP Hotfix - KB884883
Windows XP Hotfix - KB885222
Windows XP Hotfix - KB886716
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB894395
Windows XP Hotfix - KB896626
WinRAR archiver
Wondershare Photo Story Platinum (2.1.0)
Wondershare Video To Flash Encoder
Word Challenge Extreme
Word Spring
WordJuice 1.04.1
WriteItNow3
Writer's Café 1.24
Xar Thumbnail Viewer 1.2
Xara Xtreme 3.2
Xara Xtreme Pro
Xara3D6
Xeno Assault II
Xfire (remove only)
XnView 1.91
XPal 3.4
XviD 1.1 final uninstall
X-Ways Forensics
Yahoo! Install Manager
Yahoo!7 Messenger
YouConvert Classic
Your Uninstaller 2006
Your Uninstaller! 2006 Version 5
ZBrush3
Zoner 3D Photo Maker
ZSMC USB PC Camera
Zuma Deluxe 1.0

#4 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 07 August 2007 - 05:23 AM

Hi 2 Nutz

Wow, you like your games. :weee:

Im sure they are all fine but one cuaght my eye as it has installed a service. This is what I found.

Description of DopeWars.exe
This is a component of Dope Wars. Dope Wars (http://www.dopewars.net) is a DOS-based PC strategy game about dealing drugs on the streets. This game is distributed as shareware, and costs $5 to purchase. However, it is loaded with the spyware applications Gator and Cydoor, which will bombard you with pop-up ads which they retrieve using your Internet connection. The game is loaded with these applications, free or purchased.


I dont see any of the spyware mentioned, but if you wish to remove let me know as we will have to stop the service first.

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:

      + Extended(If available otherwise Standard)
    • Scan Options:

      + Scan Archives
      + Scan Mail Bases
  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

#5 2nutz

2nutz

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 08 August 2007 - 08:46 PM

Thanks, here is the online scan.I removed Dope Wars and disabled its server in services??!! ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, August 09, 2007 12:43:15 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.93.0 Kaspersky Anti-Virus database last update: 8/08/2007 Kaspersky Anti-Virus database records: 377073 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 864594 Number of viruses found: 14 Number of infected objects: 69 Number of suspicious objects: 0 Duration of the scan process: 14:37:41 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1388924336.mail/packed/Update-KB31-x86.zip/Update-KB31-x86.exe Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1388924336.mail/packed/Update-KB31-x86.zip Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1388924336.mail/packed Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1388924336.mail GZIP: infected - 3 skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\143172664.mail/packed/Update-KB3046-x86.zip/Update-KB3046-x86.exe Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\143172664.mail/packed/Update-KB3046-x86.zip Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\143172664.mail/packed Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\143172664.mail GZIP: infected - 3 skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1787782333.mail/packed/Update-KB9328-x86.zip/Update-KB9328-x86.exe Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1787782333.mail/packed/Update-KB9328-x86.zip Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1787782333.mail/packed Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1787782333.mail GZIP: infected - 3 skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1999073952.mail/packed/Update-KB3046-x86.zip/Update-KB3046-x86.exe Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1999073952.mail/packed/Update-KB3046-x86.zip Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1999073952.mail/packed Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\1999073952.mail GZIP: infected - 3 skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\_215739669.mail/packed/Update-KB5125-x86.zip/Update-KB5125-x86.exe Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\_215739669.mail/packed/Update-KB5125-x86.zip Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\_215739669.mail/packed Infected: Email-Worm.Win32.Warezov.pk skipped C:\Documents and Settings\Robert\.spamato4thunderbird\activity\mails\_215739669.mail GZIP: infected - 3 skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\cert8.db Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\flashgot.log Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\formhistory.dat Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\history.dat Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\key3.db Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\parent.lock Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\search.sqlite Object is locked skipped C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text/[From "steven_1@terra.es" <steven_1@terra.es>][Date Thu, 15 Mar 2007 15:55:36 +0100 (MET)]/UNNAMED/[From "Tech ... /document.txt .exe Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text/[From "steven_1@terra.es" <steven_1@terra.es>][Date Thu, 15 Mar 2007 15:55:36 +0100 (MET)]/UNNAMED/[From "Techno Plus" ... /[From mycampaign@bmesrv2.com][Date Sat, 17 Mar 200 ... /document_all02c.zip Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text/[From "steven_1@terra.es" <steven_1@terra.es>][Date Thu, 15 Mar 2007 15:55:36 +0100 (MET)]/UNNAMED/[From "Techno Plus" ... /[From mycampaign@bmesrv2.com][Date Sat, 17 Mar 2007 13:23:56 +0330]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text/[From "steven_1@terra.es" <steven_1@terra.es>][Date Thu, 15 Mar 2007 15:55:36 +0100 (MET)]/UNNAMED/[From "Techno Plus"<infejasdtj@vtr.net>][Date Fri, 16 Mar 2007 11:47:17 -0400]/html Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text/[From "steven_1@terra.es" <steven_1@terra.es>][Date Thu, 15 Mar 2007 15:55:36 +0100 (MET)]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED/[From "Scott Lewis" <imsolos.com@homesrelocation.com>][Date Wed, 14 Mar 2007 21:23:54 -0500]/text Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED/[From "Owen Garcia" <mtnranches.com@jandtsales.com>][Date Thu, 15 Mar 2007 00:51:11 +0100]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk/[From YouTube Service <service@youtube.com>][Date Mon, 5 Mar 2007 09:55:50 -0800 (PST)]/UNNAMED Infected: Email-Worm.Win32.NetSky.q skipped C:\Documents and Settings\Robert\Application Data\Thunderbird\Profiles\hiz67nrf.default\Mail\Local Folders\Junk Mail Berkeley mbox: infected - 8 skipped C:\Documents and Settings\Robert\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4y1wot9.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Robert\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Robert\Local Settings\History\History.IE5\MSHist012007080820070809\index.dat Object is locked skipped C:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Robert\ntuser.dat Object is locked skipped C:\Documents and Settings\Robert\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20070808-121242.log Object is locked skipped C:\Program Files\Babylon\Babylon-Pro\babylon.pro.6.xx-patch.exe Object is locked skipped C:\Program Files\Loquendo\LTTS\loquendo_tts_text-to-speech_no-license-key-needed_all-voices-patch_crack_serial_version_6-by_WAR_Hammer.exe Object is locked skipped C:\Program Files\Loquendo\LTTS\_patch.exe Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP142\A0051297.exe Object is locked skipped C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP146\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\msssfc.exe Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_4f0.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped H:\downloaded\34 TTS Voices\Loquendo TTS - English & Non-English\loquendo_tts_text-to-speech_no-license-key-needed_all-voices-patch_crack_serial_version_6-by_WAR_Hammer.exe Object is locked skipped H:\downloaded\34 TTS Voices\Loquendo TTS - English & Non-English\_patch.exe Object is locked skipped H:\downloaded\AJC Appz for your Computer -5in1- (AIO)\ALL MEDIA PROGRAMS\Fruity Loops Studio 7.0 Producer Edition 2007.exe Object is locked skipped H:\downloaded\AJC Appz for your Computer -5in1- (AIO)\ALL MEDIA PROGRAMS\LingvoSoft 2007 - Eng to 42 Lang + More (AIO)\LD2007\AutoPlay\Docs\FlashCards\patch\patch.exe Object is locked skipped H:\downloaded\CrazyTalk Media Studio 4.0 AiO [vertigo173]\CTMS4\autorun.exe Object is locked skipped H:\downloaded\Make Portable Applications by CSIWEMBLEY\TinyXP (Rev02)\TinyXP(Rev02).iso/$OEM$/$$/system32/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.e skipped H:\downloaded\Make Portable Applications by CSIWEMBLEY\TinyXP (Rev02)\TinyXP(Rev02).iso ISO image: infected - 1 skipped H:\downloaded\Quick Apps 39in1 - 2007 - All Newest [MUST HAVE] (AIO)\AIO Quick APPs 2007.exe/AutoPlay/Docs/Error.Doctor.2007.v1.4.WinALL.Regged-iNDUCT/ErrorDoctorSetup.exe Infected: not-a-virus:FraudTool.Win32.ErrorDoctor.a skipped H:\downloaded\Quick Apps 39in1 - 2007 - All Newest [MUST HAVE] (AIO)\AIO Quick APPs 2007.exe ZIP: infected - 1 skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Cain & Abel.rar/Cain & Abel/ca_setup.exe/WISE0017.BIN Infected: not-a-virus:PSWTool.Win32.Cain.28 skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Cain & Abel.rar/Cain & Abel/ca_setup.exe/WISE0023.BIN Infected: not-a-virus:PSWTool.Win32.Cain.f skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Cain & Abel.rar/Cain & Abel/ca_setup.exe/WISE0025.BIN Infected: not-a-virus:PSWTool.Win32.Cain.e skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Cain & Abel.rar/Cain & Abel/ca_setup.exe Infected: not-a-virus:PSWTool.Win32.Cain.e skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Cain & Abel.rar Infected: not-a-virus:PSWTool.Win32.Cain.e skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip/john-16/run/john.exe Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip/john-16/run/john-k6.zip/john.exe Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip/john-16/run/john-k6.zip Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip/john-16/run/john-mmx.zip/john.exe Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip/john-16/run/john-mmx.zip Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/john-16w.zip Infected: HackTool.Win32.John skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga Brute Forcer.rar/Munga Bunga Brute Forcer/Munta Bunta Brute Forcer.zip/mbhttpbf.exe/data0001 Infected: Backdoor.Win32.Skrat.e skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga Brute Forcer.rar/Munga Bunga Brute Forcer/Munta Bunta Brute Forcer.zip/mbhttpbf.exe/data0003 Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga Brute Forcer.rar/Munga Bunga Brute Forcer/Munta Bunta Brute Forcer.zip/mbhttpbf.exe Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga Brute Forcer.rar/Munga Bunga Brute Forcer/Munta Bunta Brute Forcer.zip Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga Brute Forcer.rar Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga's HTTP Brute Forcer.rar/Munga Bunga's HTTP Brute Forcer/Munta Bunta's Brute Forcer.zip/mbhttpbf.exe/data0001 Infected: Backdoor.Win32.Skrat.e skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga's HTTP Brute Forcer.rar/Munga Bunga's HTTP Brute Forcer/Munta Bunta's Brute Forcer.zip/mbhttpbf.exe/data0003 Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga's HTTP Brute Forcer.rar/Munga Bunga's HTTP Brute Forcer/Munta Bunta's Brute Forcer.zip/mbhttpbf.exe Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga's HTTP Brute Forcer.rar/Munga Bunga's HTTP Brute Forcer/Munta Bunta's Brute Forcer.zip Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Munga Bunga's HTTP Brute Forcer.rar Infected: HackTool.Win32.VB.ao skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Triton.zip/Triton.exe Infected: Exploit.Win32.Tryton.a skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe/AutoPlay/Docs/Triton.zip Infected: Exploit.Win32.Tryton.a skipped H:\downloaded\Reverse Engineering -12in1- [MUST HAVE] (AIO) [h33t.migel]\RE AIO.exe ZIP: infected - 23 skipped H:\downloaded\RollerCoaster Tycoon 2\Razor1911\yapkea.exe Object is locked skipped H:\downloaded\System Failure (Tweaks - Utilities - Network Tools) -48in1- (AIO) [h33t.migel]\System_Failure.exe/AutoPlay/Docs/Nero-7.8.5.0_eng_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped H:\downloaded\System Failure (Tweaks - Utilities - Network Tools) -48in1- (AIO) [h33t.migel]\System_Failure.exe/AutoPlay/Docs/Nero-7.8.5.0_eng_trial.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped H:\downloaded\System Failure (Tweaks - Utilities - Network Tools) -48in1- (AIO) [h33t.migel]\System_Failure.exe/AutoPlay/Docs/xpspro.exe/file39 Infected: not-a-virus:RiskTool.Win32.Shutdown.c skipped H:\downloaded\System Failure (Tweaks - Utilities - Network Tools) -48in1- (AIO) [h33t.migel]\System_Failure.exe/AutoPlay/Docs/xpspro.exe Infected: not-a-virus:RiskTool.Win32.Shutdown.c skipped H:\downloaded\System Failure (Tweaks - Utilities - Network Tools) -48in1- (AIO) [h33t.migel]\System_Failure.exe ZIP: infected - 4 skipped H:\downloaded\Windows XP Legal Maker.rar/3.WGA-Patcher Permanent Edition!/keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped H:\downloaded\Windows XP Legal Maker.rar/3.WGA-Patcher Permanent Edition!/keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped H:\downloaded\Windows XP Legal Maker.rar/3.WGA-Patcher Permanent Edition!/keyfinder.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped H:\downloaded\Windows XP Legal Maker.rar RAR: infected - 3 skipped H:\downloaded\Windows XP SP2 WGA Validation v.1.5.540.0\Key Changer\keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped H:\downloaded\Windows XP SP2 WGA Validation v.1.5.540.0\Key Changer\keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped H:\downloaded\Windows XP SP2 WGA Validation v.1.5.540.0\Key Changer\keyfinder.exe RarSFX: infected - 2 skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP146\change.log Object is locked skipped Scan process completed.

Edited by 2nutz, 08 August 2007 - 08:47 PM.


#6 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 09 August 2007 - 03:19 PM

Hi 2nutz

I'm afraid I have unpleasant news for you. You have a Dangerous infection on this machine.
The infection is delivered by a Backdoor Trojan.
It allows outsiders COMPLETE access to every keystroke, account, and password you use while on this machine, and complete access to any other data present...
IF this computer has been used for any kind of important data, my best recommendation is to Disconnect from Internet, Re-Format the entire drive and re-install your Operating system and Applications.

We can likely clean the infected files off the computer, and if you wish we will attempt to do so, but we cannot be sure that the infection didn't do something to your system to reduce the system security. In that instance, even after removal of the infection, you could be subject to another attack or takeover as soon as you re-connect to the Internet.

The Decision Whether to ReFormat or Not should be based on:
  • The use of the computer - this is the primary factor in the decision whether to re-format and re-install, or just disinfect.
  • The variety of malware - this influences the decision on whether to re-format and re-install, or just disinfect.
If the Computer has been used for any important data, you are strongly advised to do the following, immediately:
  • Disconnect the infected computer from the internet and from any networked computers until the computer can be cleaned.
  • Back up all important data on the machine. Do not back up any Applications (programs). Those should be re-installed from the original source CDs or websites.
  • If you have ever used this computer for shopping, banking, or any transactions relating to your financial well being:
    Call all of your banks, credit card companies, and financial institutions, informing them that you may be a victim of identity theft, and to put a watch on your accounts or change all your account numbers.
  • From a clean computer, change ALL your online passwords -- for ISP login, email, banks, financial accounts, PayPal, eBay, online companies, and any online forums or groups you belong to.
  • DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new password and transaction information.
  • Take any other steps you think appropriate for an attempted identity theft.
While you are deciding whether to ReFormat and Re-Install, a useful link is here: http://www.dslreports.com/faq/10063
Please let me know what you decide.
You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

#7 2nutz

2nutz

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 09 August 2007 - 05:39 PM

I have gone through the cleaning process before and have still got problems so I think we shall refomat and reinstall.I guess I will lose heaps of stuff but hey? OK so what is the way to go know Mac?

#8 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 09 August 2007 - 05:46 PM

Hi 2nutz We could clean you up, but it will take time and it's 12.40am here so Ill be signing off soon. There is the question of the files showing up in that Kaspersky log, though. It looks like you are using cracked software, and even your Windows is questionable. We can get you clean but it wont be long before your infected again, if you continue that way, as Im sure you already know.
You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

#9 2nutz

2nutz

    Authentic Member

  • Authentic Member
  • PipPip
  • 34 posts

Posted 09 August 2007 - 08:44 PM

Hi, no I am saying lets reformat it etc.I have genuine windows XP I got with this computer, as well as lots of other legit software. I do have cracked games but I will not be reinstalling them because this stuff happens...So all help in restoring, reformatting etc will be fantastic... Thanks

#10 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 10 August 2007 - 03:56 AM

Hi 2Nutz

I know how tempting it is to save a bit of money, but in the cyber-world you rarely get something for nothing. Heres a few tips. It would be best, if possible, to print out the walk-through's.

Please make sure that you know what to do before beginning the operation.

Here are a few links that propably help.

Reformatting Windows XP by wng_z3r0
When should I re-format? How should I reinstall?
Windows XP Clean install

Then there are a couple of things you should do immediately after installing Windows and before surfing the net...

[*]Make your Internet Explorer more secure - This can be done by following these simple instructions:

[*]From within Internet Explorer click on the Tools menu and then click on Options.
[*]Click once on the Security tab
[*]Click once on the Internet icon so it becomes highlighted.
[*]Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
[*]Next press the Apply button and then the OK to exit the Internet Properties page.
[/list]Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked please checkHide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK
And take a look at this LINKY for further recommendations and tips to stay clean.

Follow this list and your potential for being infected again will reduce dramatically.

Glad I was able to help.
You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

#11 Scotty

Scotty

    Always Happy

  • Authentic Member
  • PipPipPipPipPip
  • 3,634 posts

Posted 12 August 2007 - 05:20 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php
You too could train to help others- Join the Classroom

Posted Image


Posted Image

Posted Image

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users