Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

PLEASE HELP ME WITH LIMEWIRE WORM

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 1:41 am

My limewire keeps on opening and I believe that I have an alvarc worm.
I have done a BU uninstaller and ran a high jack this scan. Also tested it with Norton scans and Ewiddo. PLEASE help!!!Thank you so much. Here is my highjack this scan.
Taylor

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:29:20 PM, on 12/3/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1188792234\ee\aolsoftware.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Taylor\svchost.exe
C:\Users\Taylor\svchost.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\Taylor\Downloads\HJTInstall.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1188792234\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Host Process] C:\Users\Taylor\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NoIPDUCService - Unknown owner - C:\Program Files\No-IP\DUC20.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13223 bytes
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am
Advertisement
Register to Remove

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Katana » December 4th, 2007, 8:51 am

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Did you install RealVNC ? ........... It is a remote access program


IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Limewire

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
Please note: you must NOT use this whilst we are cleaning your machine.

Fix With HJT
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines
O4 - HKCU\..\Run: [Host Process] C:\Users\Taylor\svchost.exe

- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis

Show All Files And Folders
Now you need to show all files and folders
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck Hide file extensions for known file types
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.

Stop A Proccess
Press CTRL + ALT + DEL (All together) >>> Select Task Manager
Select All Programs On This Computer, at the prompt click Allow

Click the Processes tab and look for C:\Users\Taylor\svchost.exe
Right click Proccess name and select End Task
( It may show more than once, please repeat for each instance )

Delete Files and Folders
Find and delete the following Files if present
C:\Users\Taylor\svchost.exe << This File


Please post a fresh HJT log in your reply
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 12:07 pm

Katana

Thank you so much for your reply. About a few hours after I posted this topic I stopped having the Limewire screen pop up. I deleted it in the control panels only to receive a popup that said "I am not allowed, but it will remove it from the control panel list". So I tried deleting it through "Programs" but I don't know if I was successful. The green icon at the bottom of the screen is gone as well. Instead I have this pop-up from Java on my screen that says, "One or more necessary files appear to be invalid. This is generally caused by a corrupted installation. Please try downloading and installing Limewire again. Thank you LimeWire version 4.14.10 Pro
Java version 1.6.0_03 from Sun Microsystems Inc.
Windows Vista v. 6.0 on x86
Free/total memory: 31412168/33357824

com.limegroup.gnutella.gui.GUILoader$StartupFailedException: invalid xml.war
at com.limegroup.gnutella.gui.GUILoader.sanityCheck(GUILoader.java:292)
at com.limegroup.gnutella.gui.GUILoader.load(GUILoader.java:57)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.limegroup.gnutella.gui.Main.main(Main.java:45)
STARTUP ERROR!
FILES IN CURRENT DIRECTORY:
C:\Program Files\limewire\lib
LAST MODIFIED: 1196747311996
SIZE: 8192
C:\Program Files\limewire\LimeWire.exe
LAST MODIFIED: 1190039185718
SIZE: 147456

I don't know what RVC is and I don't believe that I did download it. Perhaps a friend of mine who hooked up my computer did.(should I download it) I know he downloaded some kind of program so he could fix any installations from his house. (dont know what though. Anyway sorry for the LONG post and appreciate the help. PLEASE HELP ME KATANA. :-) I deleted the highjack file you said to delete. I did notice the java program running in the list as well. Here is the new log list.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:29:20 PM, on 12/3/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1188792234\ee\aolsoftware.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Taylor\svchost.exe
C:\Users\Taylor\svchost.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\Taylor\Downloads\HJTInstall.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1188792234\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Host Process] C:\Users\Taylor\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NoIPDUCService - Unknown owner - C:\Program Files\No-IP\DUC20.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13223 bytes
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 12:21 pm

When I click on "computer" in on the start button I do not see the view tab. I have Windows Vista..I tried locating the "hidden files" button but I can not find it. What I have on my screen does not match up to whats in the post.
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 12:47 pm

So I found the hidden files button and selected it. Wen I open up taskmngr I dont see the svchost.exe. But when I go to View-show process from all users, then about ten of them show up moving up and down and have a pink shade over them. I went to "kill process" on all of them and about 20 seconds after I killed all of them my computer went into restart. It was real slow starting up and now I see that their back. WHAT DO I DO...please help.. I deleted the folder with :\Users\Taylor\svchost.exe.. here is a new highjack list
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 1:08 pm

When I do the san woth HighJack this I do not see the systemhost.exe on the program window to select. Its like their hiding. But when I view the log on the notepad you can see below how many their are. Im going to try to delete them from the task managr again. PLEASE help asap

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:09 AM, on 12/4/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1188792234\ee\aolsoftware.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\hp\kbd\kbd.exe
C:\SYSINTERNALSUITE\PROCEXP.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1188792234\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NoIPDUCService - Unknown owner - C:\Program Files\No-IP\DUC20.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15117 bytes
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Katana » December 4th, 2007, 1:35 pm

Is limewire still starting on its own ?

C:\Windows\System32\svchost.exe is safe DO NOT delete it
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 4th, 2007, 3:48 pm

katana wrote:Is limewire still starting on its own ?

C:\Windows\System32\svchost.exe is safe DO NOT delete it


No but the Java window pops up and my computer seems to be a little slower. Should I delete anything else.
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Katana » December 4th, 2007, 4:35 pm

Download the latest version of Java Runtime Environment (JRE) 6u3
http://java.sun.com/javase/downloads/index.jsp
Scroll down to where it says "The Java Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Now go to Add/Remove programs uninstall any Java or JRE items you find
Reboot
Next double click the install you just downloaded.
That should sort the Java problem.

Let me know how you get on
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 5th, 2007, 3:07 am

Any reason why my computer is about 5 times slower during start up and suring applications. Could I have messed it up through deleting the systemhost.exe files over and over. What can I do to make sure everything is running properly because I do notice a big difference in speed and its annoying??? This computer is about a month old. Thanks for the help and I will be more then happy to send a donation.
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 5th, 2007, 4:53 am

WOW I JUST RAN KASPERSKEY and found over 7,000 trojan.win32.Agent.cmn as well many other programs. Theirs like 7,000 corrupted files and they are either trojans or .zip or .exe files. PLEASEEEEEEE HELPPPPP ME!
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Katana » December 5th, 2007, 6:56 am

Please can you post the header of the log, and a section which shows the file path of an infected object
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 5th, 2007, 9:35 am

deleted: Trojan program Trojan.Win32.Agent.cmn File: C:\$Recycle.Bin\S-1-5-21-1645411277-3239267054-1436179895-1001\$R49UL5P.zip/Crack.exe
deleted: adware not-a-virus:AdWare.Win32.TrafficSol.o File: C:\$Recycle.Bin\S-1-5-21-1645411277-3239267054-1436179895-1001\$RF1FCRY.exe//data0009//stream//data0004//PE_Patch.UPX//UPX
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\$Recycle.Bin\S-1-5-21-1645411277-3239267054-1436179895-1001\$RM4TCJL.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\$Recycle.Bin\S-1-5-21-1645411277-3239267054-1436179895-1001\$RTFHGS6.zip
deleted: Trojan program Trojan.Win32.Agent.cmn File: C:\$Recycle.Bin\S-1-5-21-1645411277-3239267054-1436179895-1001\$RZ3UYLR.exe
deleted: Trojan program Trojan.Win32.Agent.cmn File: c:\$recycle.bin\s-1-5-21-1645411277-3239267054-1436179895-1001\$rm4tcjl.zip/Crack.exe
deleted: Trojan program Trojan.Win32.Agent.cmn File: c:\$recycle.bin\s-1-5-21-1645411277-3239267054-1436179895-1001\$rtfhgs6.zip/Crack.exe
deleted: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\a.zip/Crack.exe
deleted: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\Crack.exe
deleted: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\#1 Video Converter 4.1.35 Keygen.zip/Crack.exe
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\#1040;k#1086;n - #1050;#1086;nvi#1089;ted Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\001 File JoinerSplitter Pro 3.0 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\007 Spy Software v3.873 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\00jj99uuii66ddxxqqq.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1 Click DVD Copy Pro v3.0 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1 DVD Ripper 5.3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1 DVD Ripper 5.3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1 DVD Ripper 5.3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1 DVD Ripper 6.03 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\10 books on Hacking Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\10 Man Cum Slam 19 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\10 Seconds To Love Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\100 Greatest Songs of RapHip Hop Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\100% Jenna Haze Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\101 Jukebox Classics Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\101 Jukebox Classics Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\10thWolf Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\110% Natural 12 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\12 Work asterix Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 DVD Clone v2.42 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 DVD Converter v4.6.1 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 DVD Ripper 1.00.060718 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 Flash Menu Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 Flash Menu v2.1.0.1059 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\123 Video Converter v4.3.3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1408 [2007] Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 And Asian 3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 And Easy 10 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 And Easy 10 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 And Easy 10 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 Candles # 1 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 years old Cameron Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 years old Cameron Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18 Years Plus 1 Day Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18Eighteen - Courtney Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\18Eighteen - Courtney Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1Click DVD Copy 5.1.1.3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1Click DVD Copy Pro v2.4.0.6 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1Click DVD Copy v5.0.3.5 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1Click DVD Copy v5.0.3.5 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1Click Mini AIO Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\1st Security Agent with 1st Screen Lock 7.5 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Days in Paris (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 guys get nice Jayna Oso Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 guys get nice Jayna Oso Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 New Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Russian Girls get screwed Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Young girls have fun in front of her webcam Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Young girls have fun in front of her webcam Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Young To Fall In Love 3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2 Young To Fall In Love 3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\20 Fantastic Hits Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\20 Fantastic Hits Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\20 Years Of Jethro Tull, Awesome Collection Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\20 Years Of Jethro Tull, Awesome Collection Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\20 Years Of Jethro Tull, Awesome Collection Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\237.DVDRip.XviD.2006 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\25 To Life Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\25 to Life Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\25 to Life Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\28 Weeks Later (2007) TS Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\28 Weeks Later Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2nd Speech Center v3.2.7.406 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2Pac - Pac's Real Life Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2Pac - The 10TH Anniversary Collection Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2Pac - The 10TH Anniversary Collection Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\2Pac - The 10TH Anniversary Collection Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3 Doors Down - Another 700 Miles (EP) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3 Sums Easy As... 1 2 3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3 Ways All Ways Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3-D Fish School (3D Screensaver) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\30 Days of Night (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\30 Days Of Night Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\30 Days Of Night Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 (2007) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 March To Glory (PSP) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 [2007] Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 [2007] Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\300 [2007] Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\31 Blowjob Quickies movies Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\32nd America’s Cup The Game Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3Com Network Supervisor v5.1 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Album PicturePro Platinum v3.1 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Album PicturePro Platinum v3.1 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Bank _ My Baby Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Home Architect Home Design Deluxe 6 Retail Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Live Pool v2.32 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Live Pool v2.32 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Live Snooker Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Live Snooker Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D Mark 06 1.1.0 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D ProductBox 2007 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D ProductBox R2 v2007 w Keygen Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D ProductBox R2 v2007 w Keygen Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D SexVilla v30.001 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D SexVilla v30.001 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3D-Shape 3DViewer 1.52 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3DNA Desktop v1.1 ! Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3GP Player 2007 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3GP to AVI Converter - Splitter v1.0 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3GP to GIFJPEG Converter 1.0 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3nity CD DVD Burner 1.7 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3Pete Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\3Planesoft Screensavers Collection Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\50 Cent - Before Curtis [2007] Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\50 Cent - Curtis (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\50 Things You are Not Supposed To Know Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\501 Levi's Hits Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\501 Levi's Hits Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\5star Game Copy v.1.0.5.124 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\602LAN Suite 2004.0.05.0803 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\602LAN Suite 2004.0.05.0803 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\7 Sins Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\88 Minutes (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\88 Minutes (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\88 Minutes (2007) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\88 minutes dvd rip- (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\88.Minutes.2007.DVDRiP Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\==Vista Ready Upgrade adviser== Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\A Bridge Too Far (1977) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\A Cinderella Story (2004) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\A Dead Calling Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\A Dirty Western Patch.zipdisinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helium Music Manager 2007 v0.0.5500 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hell A Cyber Punk Thriller (ISO) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hellfire Sex 8 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helloween - Better Than Raw Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helloween - Chameleon Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helloween - Master Of The Rings Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helloween - Pink Bubbles Go Ape Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Helloween - The Time Of The Oath Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hentai Love Doll 1 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hentai Love Doll 1 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Her 1st Anal! Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Her Deep Dark Secret # 3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hera's Hurts in First Time Anal Action! Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hera's Hurts in First Time Anal Action! Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Herb Alpert - The Very Best Of Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heritage Of Kings The Settlers Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes of Might and Magic 2 Gold Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes Of Might and Magic V Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes Of Might And Magic V Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes Of Might And Magic V Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes Of MightMagic 5 en español Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Heroes Of MightMagic 5 en español Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hex Workshop 4.23 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hex Workshop 4.23 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hex Workshop 4.23 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hex Workshop v4.23 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hexen Beyond Heretic Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hidden Recorder v1.7 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum 3.31 Serial Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum 3.42 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum v3.1 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum v3.31 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum v3.31 with KeyGen Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum V3.42 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Platinum v3.43 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP v1.0 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide IP Version 2.1 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide My Drives v1.5 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide My Drives v1.5 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hide Window Now 2.5 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HiDownload Pro 7.06 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HiDownload Pro 7.06 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HiDownload Pro 7.06 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\High On The Hog Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\High Power Encryption 4.0 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\High School Musical 2 OST Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Highwaymen HDRip Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HIM - Venus Doom Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HIM - Venus Doom Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hip Hop Ejay V6 rise Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hiren's BootCD 8.3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hirens Boot Cd 8.6 Plus Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hirens Bootcd 8.4 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hirens.Bootable.v7.6-cSm Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\History Sweeper 2.82 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\History Sweeper ver.2.78 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitch Hikers Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitch Hikers Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitler The Rise of Evil (2003) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitler The Rise of Evil Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman 2 Silent Assassin Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman 2 Silent Assassin Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman 3 Contracts Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman 3 Contracts Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman 3 Contracts Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Blood Money Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Blood Money Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Blood Money Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Contracts 3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Contracts 3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman Contracts Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hitman.Blood.Money-RELOADED Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Holly Halston is Older and Stacked 4 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Holly Halston is Older and Stacked 4 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hollywoodland.DVDRip.XviD-DiAMOND Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Home On The Range (DVDRip) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HomeCOST Estimator for Excel 3.00 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homegrown Video # 717 The Porn Ultimatum Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homegrown Video # 717 The Porn Ultimatum Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homegrown Video # 717 The Porn Ultimatum Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homemade Tape of Cute Asian American Girl Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homemade Tape of Cute Asian American Girl Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homerworld 2 Full iso Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homeworld 2 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homeworld 2 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Homeworld II Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Honey I Blew Everybody 3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hooligans Storm Over Europe ISO Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hooligans Storm Over Europe ISO Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hoppet (2007) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Horny bitch got fucked by big dick Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Horny Holiday Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Horny Holiday Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Horny Little Schoolgirls Xxx Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Horny Little Schoolgirls Xxx Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hospital Tycoon Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hospital Tycoon Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel (2005) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel (2005) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel 2 (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel 2 (2007) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel 2 DVD WORKPRINT.XViD-PUKKA Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hostel Part II (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot and sweet desi girl Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Beavers Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Cpu Tester Pro Edition 4.3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot CPU Tester Pro v4.3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Fuzz (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Fuzz (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Fuzz (2007) Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Hits 2007 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Hits 2007 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Oil Sex 3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Pink Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Potatoes v6.2.0.4 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Potatoes v6.2.0.4 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot public masturbation Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot sex scene in the bathroom Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Squirts 3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Squirts 3 Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot Wheels World Race Patch.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot.Fuzz (2007) Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\Hot.Fuzz (2007) Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HotDog Pro 7.3 Crack.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HotDog Pro 7.3 Keygen.zip
disinfected: Trojan program Trojan.Win32.Agent.cmn File: C:\Users\Taylor\'\HotDog Professional 7.03 Crack.zip

WHERE DID ALL THIS GARBAGE come from. My computer is a lot slower now and I am afraid that my computer is really damaged. I have about
6,500 of these stupid Trojans and other corrupted files.
PLEASE HELP
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Katana » December 5th, 2007, 10:02 am

The infection you have is a Password Stealer
It allows outsiders COMPLETE access to every keystroke, account, and password you use while on this machine,

If the Computer has been used for any important data, you are strongly advised to do the following, immediately:
  • Disconnect the infected computer from the internet and from any networked computers until the computer can be cleaned.
  • If you have ever used this computer for shopping, banking, or any transactions relating to your financial well being:
    Call all of your banks, credit card companies, and financial institutions, informing them that you may be a victim of identity theft, and to put a watch on your accounts or change all your account numbers.
  • From a clean computer, change ALL your online passwords -- for ISP login, email, banks, financial accounts, PayPal, eBay, online companies, and any online forums or groups you belong to.
  • DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new password and transaction information.
  • Take any other steps you think appropriate for an attempted identity theft.
I am sorry to be the bearer of bad news, but it is best that you know the full impact of this infection :(

It looks like the infection has been stopped, so lets find out what it has done

OTMoveIt
Please download OTMoveIt by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\Users\Taylor\'

    ( be sure to include the apostrophe at the end ' )
  • Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
  • Click the red Moveit! button.
  • Close OTMoveIt
  • Copy and paste the contents of the results box as a reply to this topic
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

**If a reboot was necessary or you needed to Exit before posting the log, you will find a copy of the log at the root of the drive where OTMoveIt is installed, usually at :
C:\\_OTMoveIt\\MovedFiles\\********_******.log
(where "********_******" is the "date_time")


Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
Last edited by Katana on December 5th, 2007, 1:45 pm, edited 1 time in total.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: PLEASE HELP ME WITH LIMEWIRE WORM

Unread postby Taylor » December 5th, 2007, 11:26 am

I will send you the Omoveit log in an email now.
Taylor
Regular Member
 
Posts: 24
Joined: December 4th, 2007, 1:34 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware