hi the panda scan i dont know if i did the right thing because i didnt get a log but heres everything else also my computer has kinda of lost like color for exaple the start menu was blue now its gray and i tried but cant change it and my computer is also running a bit slow
hi jack log
Logfile of HijackThis v1.99.1
Scan saved at 10:37:13 PM, on 9/3/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\FBM Software\ZeroSpyware 2004\NetGuard.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ZeroSpyware] "C:\Program Files\FBM Software\ZeroSpyware 2004\ZeroSpyware.exe" -STARTUP
O4 - HKCU\..\Run: [NetGuard] "C:\Program Files\FBM Software\ZeroSpyware 2004\NetGuard.exe" -STARTUP
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &AIM Search -
res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan ... asinst.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
ewido log
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 5:38:46 PM, 9/3/2005
+ Report-Checksum: E875D21A
+ Scan result:
HKLM\SOFTWARE\Classes\AtlControl.AtlCtrl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AtlControl.AtlCtrl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AtlControl.AtlCtrl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1674BCBE-46DE-7BAB-FBFA-CA15D9FEB632} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7C559105-9ECF-42b8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B26E0DA6-7964-2B58-9B4B-94CBAA3AFF83} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5AB638F-D76C-415B-A8F2-F3CEAC502212} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C886256C-7A63-4213-AD2F-02AD3735DF06} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{3F947DE3-D937-414D-AF0A-548A4148A5E6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{717BEB87-70F4-4EAB-80D4-E357B3619530} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTx.Installer -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTx.Installer\CLSID -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccX.Installer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccX.Installer\CLSID -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{C89E0F84-3C34-43D1-A72C-AF1A160A7C07} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{D6C76AA4-8532-4AFD-841D-287972A9E1E8} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO -> Spyware.WebSearch : Cleaned with backup
C:\Documents and Settings\Tim Miller\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-531c338a-226667a1.class -> Trojan.Byteverify : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim miller@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@cz4.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@cz8.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@e-2dj6wjk4kndpoco.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim miller@linkbuddies[2].txt -> Spyware.Cookie.Linkbuddies : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@programs.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@stats3.porntrack[1].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@www.burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Tim Miller\Cookies\tim
miller@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Cleaned with backup
C:\Downloads\GoldMinerSetup-dm[1].exe -> Spyware.Trymedia : Cleaned with backup
C:\HJT\backups\backup-20050510-184157-995.dll -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP175\A0038848.exe -> Trojan.Agent.bi : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP175\A0038849.exe -> Trojan.Agent.bi : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039570.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039580.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039595.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039597.exe -> Trojan.Crypt.i : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039598.exe -> Trojan.Crypt.i : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039606.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039616.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039617.exe -> Trojan.Crypt.i : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039618.exe -> Trojan.Crypt.i : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039630.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039650.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039659.dll -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039673.exe -> Spyware.Ipyn : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039676.exe -> Trojan.Agent.bi : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039681.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039693.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039702.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039712.EXE -> TrojanSpy.KBMan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039721.dll -> Spyware.SpywareNo : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039736.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039799.exe -> Not-A-Virus.Hoax.Renos.m : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039802.dll -> TrojanDownloader.Murlo.ar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\A0039809.dll -> Spyware.SpywareNo : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:pcmln -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\DelIndex.BAT:sigzyz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DELL.BMP:bquxh -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\DELL.BMP:zdxej -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\DirectX.log:lizetj -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\DtcInstall.log:gslbm -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\DtcInstall.log:uahpne -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\DtcInstall.log:wmwjjo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dyeax.txt:dsxqv -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\FaxSetup.log:onopmy -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:vxonk -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:rtomi -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\IIS6.LOG:quqvbo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB817611.log:bvbavq -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB817611.log:grryh -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB823182.log:cieff -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB823182.log:pdqwnx -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB824105.log:qiijz -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB824105.log:rjnma -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\KB828035.log:tdnat -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\KB828035.log:wtprus -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB828741.log:cdqxw -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB828741.log:zgtdnm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB833407.log:wetvty -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB835732.log:ouixoc -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB837001.log:rhejpo -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB839643-DirectX9.log:pedbvj -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\KB840987.log:efylp -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\msjg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_rgbzeb.dat:tgmqv -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\OCGEN.LOG:eiqjr -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\OOBEACT.LOG:juklpv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\q329623.log:ohldt -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\SETUPERR.LOG:brsjg -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\speed.reg:ikulk -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\spupdsvc.log:lkvuc -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\sys316.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\sys318.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\sys319.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\sys320.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\SYSTEM32\abc.exe -> TrojanSpy.LdPinch.os : Cleaned with backup
C:\WINDOWS\SYSTEM32\cssrs.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq1.exe -> TrojanDownloader.Small.bho : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq2.exe -> Not-A-Virus.Hoax.Renos.m : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq5.exe -> TrojanDownloader.Small.awa : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq6.exe -> TrojanDownloader.Small.awa : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq7.exe -> TrojanDownloader.Agent.ho : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvxh8jkdq8.exe -> TrojanDownloader.Small.bho : Cleaned with backup
C:\WINDOWS\SYSTEM32\HPCHuninstaller.exe -> TrojanSpy.Haxspy.d : Cleaned with backup
C:\WINDOWS\SYSTEM32\init32m.exe -> TrojanDownloader.Agent.ho : Cleaned with backup
C:\WINDOWS\SYSTEM32\javex80.vxd/C:/WINDOWS/System32/nvms.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\SYSTEM32\javex80.vxd/C:/Program Files/NaviSearch/bin/nls.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\SYSTEM32\latest.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\SYSTEM32\maxd1.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\SYSTEM32\psis80ex.ax/C:/WINDOWS/System32/mscb.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\SYSTEM32\psis80ex.ax/C:/Program Files/CashBack/bin/cashback.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\SYSTEM32\psis80ex.ax/C:/Program Files/CashBack/bin/cb.exe -> Spyware.CashBack : Cleaned with backup
C:\WINDOWS\SYSTEM32\psis80ex.ax/C:/Program Files/CashBack/bin/flash.exe -> Spyware.CashBack : Cleaned with backup
C:\WINDOWS\SYSTEM32\symcsvc.exe -> Trojan.Crypt.i : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysdrc.dll -> TrojanDropper.Agent.cy : Cleaned with backup
C:\WINDOWS\SYSTEM32\systr.dll -> Spyware.Globosearch : Cleaned with backup
C:\WINDOWS\SYSTEM32\thn32.dll -> TrojanProxy.Small.bk : Cleaned with backup
C:\WINDOWS\SYSTEM32\vxgamet1.exe -> TrojanDropper.Small.wv : Cleaned with backup
C:\WINDOWS\SYSTEM32\vxgamet2.exe -> TrojanProxy.Lager.x : Cleaned with backup
C:\WINDOWS\SYSTEM32\web\msusb64.ocx -> TrojanDropper.Small.zr : Cleaned with backup
C:\WINDOWS\SYSTEM32\ywphm.dll -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\SYSTEM32\zolker010.dll -> Spyware.Zbar : Cleaned with backup
C:\WINDOWS\SYSTEM32\zsfiles\00003.rps -> TrojanSpy.KBMan : Cleaned with backup
C:\WINDOWS\SYSTEM32\ztoolb010.dll -> Spyware.Zbar : Cleaned with backup
C:\WINDOWS\VBADDIN.INI:lmqja -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\vr_sys.dll -> TrojanSpy.LdPinch.os : Cleaned with backup
C:\WINDOWS\Windows Update.log:aeaby -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\Windows Update.log:uvsqb -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\wkbay.dat:lxduv -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\wmsetup.log:xwdjx -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:aapqqa -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:baxrpb -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:ddfwez -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:haxkwq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:jdxxmp -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:jhemvy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:mnsdf -> TrojanDownloader.Agent.lz : Cleaned with backup
C:\WINDOWS\_delis32.ini:oefkfe -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:ooxcrv -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\_delis32.ini:piobdr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:qcfssf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:vvqbyj -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_delis32.ini:wdetji -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\_delis32.ini:wduwlu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_delis32.ini:xhvvbh -> TrojanDownloader.Agent.ne : Cleaned with backup
C:\WINDOWS\_delis32.ini:yruiqf -> Spyware.SearchPage : Cleaned with backup
::Report End
smit log
smitRem log file
version 2.3
by noahdfear
The current date is: Sat 09/03/2005
The current time is: 16:08:29.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run Files Present
~~~ Program Files ~~~
~~~ Shortcuts ~~~
Install.dat
~~~ Favorites ~~~
~~~ system32 folder ~~~
thn.dll
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
desktop.html
~~~ Drive root ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Post-run Files Present
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Wininet.dll ~~~
CLEAN!
thanks timroc