Author Topic: Win32.P2P-Worm.Alcan.a (Read 3898 times)

NDorKidz · « **on:** February 08, 2006, 12:34:39 AM »

I managed to get it to where I can open my Task Manager again, but it still shows up when I run ad-aware and the computer seems to be running a bit slower unless I'm just paranoid. Anyway, here's the HJT.

Logfile of HijackThis v1.99.1
Scan saved at 12:24:22 AM, on 2/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Common Files\AOL\1135475162\ee\aolsoftware.exe
c:\program files\common files\aol\1135475162\ee\aim6.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thottbot.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135475162\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

I appreciate any help that you can offer

guestolo · « **Reply #1 on:** February 09, 2006, 12:03:13 AM »

We can run your thru a couple scans to ensure you are clean

Can you do the following please
******************************************************
When I ask you too download a zip file, make sure you choose SAVE TO DISK rather than Open
Can you open "MyComputer"
Double click to open Local Disk C: drive
Right click an empty spot and left click NEW>>Folder
A new folder will be placed in the C: folder , name it BFU
So you now have C:\BFU

Please download Brute Force Uninstaller
Reminder, choose SAVE rather than OPEN
Then Extract (UNZIP) the contents to the (C:\BFU) folder you just made

~~[color=\"#CC0000\"]RIGHT CLICK HERE[/color]~~
and choose "Save As" (in IE it's "Save Target As") in order to download Alcra Remover.
Save it in the folder you made earlier (c:\BFU)
[/s]
The above has been updated, this won't help any other users!

==Download and then Install
Ewido anti-malware 3.5

When installing, under "Additional Options" Uncheck
"Install background guard" and "Install scan via context menu".

From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Close out Ewido for now, we'll need it later
If for some reason the Updater won't work can you manually download the
Updates from this link after you have Ewido installed
http://www.ewido.net/en/download/updates/

Open the C:\BFU folder
Double click to run BFU.exe
Use the "Open Script file" button (the folder icon next to Scriptfile to execute)
Navigate to p2pnetwork.bfu in the C:\BFU folder
Right click p2pnetwork.bfu and choose Select
In Brute Force Uninstaller select Execute
Wait for the "complete script execution" box to pop up and press OK.
Press exit to terminate the BFU program.

Reboot the computer
Back in Windows
==Open Ewido anti-malware
Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
*1. Perform Action = Remove
*2. Create Encrypted Backup in Quarantine (Recommended)
*3. Perform action with all infections
Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to desktop
Exit Ewido
NOTE: When Ewido is running, don't open any other Windows

Post back the following
1. Run a "Scan and Save logfile" with Hijackthis and post the fresh log
2. Post the whole report you saved earlier from Ewido's

NDorKidz · « **Reply #2 on:** February 19, 2006, 12:29:50 PM »

--Fresh HJT Log--

Logfile of HijackThis v1.99.1
Scan saved at 12:28:00 PM, on 2/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\AOL\1135475162\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\My Documents\download\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thottbot.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135475162\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--Ewido Report--

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         12:27:09 PM, 2/19/2006
+ Report-Checksum:      B217460B

+ Scan result:

   C:\Documents and Settings\Administrator\Complete\138 Dreamweaver Extensions.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\3D World Map 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Adobe Type Manager Deluxe 4.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Alive Task Manager 1.2.0.54.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\AutoCAD 2006 Archicad 9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\BearShare Acceleration Patch 2.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Blade III Trinity.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Bob Dylan, Slow Train Coming.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Brokeback Mountain (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Counter Strike Source.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Cucusoft Video Converter Pro 7.07.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\DivX Pro 6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Double Take.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Download Accelerator Plus 8.0.3.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Dream Match Tennis 1.03.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Dude Where Is My Car.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\DVD-Cloner III 3.06.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Easy CD-DA Extractor 9.0.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Emule Speed Booster 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Fight Club (2006).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Figure Drawing Without a Model.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\File Splitter Deluxe 3.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Fish Tycoon.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Flightplan.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\FTP Voyager 12.3.0.1 ES.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Golden FTP Server Pro 2.70.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Google Video.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Hacking the PSP.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Hellraiser Hellworld (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Hirens BootCD 7.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\ImTOO DVD Ripper 4.0.39.0116.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\ImTOO DVD To Pocket PC Ripper 4.0.38.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\ImTOO iPod Movie Converter 2.1.58.010.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\ImTOO MOV Converter 2.1.57.1228B.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Intelli HyperSpeed 2005 1.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\MediaUndelete 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Microsoft Graphing Calculator 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Nero Burning Rom 7.0.1.4b.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Net Monitor For Employees Pro 2.6.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\NOKIA Mobile Java Games.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\North Country (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Norton AntiVirus 2006 Protection Pack.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Old School.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\PDF to Word 1.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\PPRecorder 1.53.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\RapidShare 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Restauraunt Empire.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\RonyaSoft ProPoster 1.01.16.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Saving Private Ryan.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Saw II (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Scary movie 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\School Of Rock.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Screamer 4x4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\SNMP-Probe 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Stardock Aquarium Desktop 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\SuperRam 5.1.23.2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Talisman Desktop 2.9.2900.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Talisman Desktop 2.9.29000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Chronicles of Narnia (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Chronicles Of Narnia - The Lion, The Witch And The Wardr.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Fog.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Ladykillers.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Lion King Grubalicious.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Little Mermaid Pinball.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Matador.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\The Net 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Touratech QV 4.0.43.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Tradewinds Legends.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\TweakNow PowerPack 2006 Professional 1.1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\TweakNow PowerPack 2006 Professional 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Valentine Fever Vol 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Valentine Fever Vol 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Windows XP Professional 64bit.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft DVD To iPod Converter 4.0.39.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft DVD To PSP Converter 4.0.39.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft MOV Converter 2.1.59.0118B.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft MP3 WAV Converter 2.1.44.011.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft PSP Video Converter 2.1.59.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Xilisoft RM Converter 2.1.59.0118B.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Complete\Yours Mine And Ours.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup

::Report End

thx for your help

guestolo · « **Reply #3 on:** February 19, 2006, 01:41:00 PM »

I don't see any Anti-Virus software installed on your computer

If you don't have your own to install
I recommend you install one of these free versions
ONLY install one please, more than one will cause conflicts and decrease system performance
They all have a free version supplied at the website

AVG 7 by Grisoft

Avast Home Edition by ALWIL

AntiVir Personal Edition Classic

After installation ensure it is fully updated and run a full system scan
Let it fix whatever it finds
Reboot the computer afterwards

Come back here and post one last hijackthis log and let me know how things are running please

Skitzo1989 · « **Reply #4 on:** February 27, 2006, 11:09:05 PM »

Thank you for posting your reply on this worm i had the same thing that he did and i couldnt get it to go away, i used ad-aware and avast, they said it was gone but i still couldnt open my task manager, but after i read your post and did what you said to do it worked, thank you so much for your help, i just have one question, do you know what the source of the worm could have been? thanks

guestolo · « **Reply #5 on:** February 27, 2006, 11:56:01 PM »

Hi Skitzo1989
You took the time to register and let us know how what helped>>Thank you
Why don't you post your own Hijackthis log in your own post to ensure you have cleaned everything
Here's the instructions

Skitzo1989 · « **Reply #6 on:** February 28, 2006, 12:33:05 PM »

here is my HJT log file

Logfile of HijackThis v1.99.1
Scan saved at 11:31:58 AM, on 2/28/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://wapp.verizon.net/bookmarks/bmredir....ie&bm=yh_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wapp.verizon.net/bookmarks/bmredir....1_ie&bm=yh_home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dslstart.verizon.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ChatSpace Full Java Client 4.0.0.320 - http://forums.walkers.org:8563/Java/cfs40320.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

zxypher · « **Reply #7 on:** March 02, 2006, 07:17:43 PM »

hi. i just happened to stumble here and find this informative site. i too had a problem with the alcan.a the only real problem i have left is that the file still wont go away. i downloaded a .avi file from bearshare that is titled "The Island divx rip" and it has been bothering me since. but the tools i have for my pc wont allow it to do any damage. if i try to open it using any type of utility it causes my eplorer.exe to use 100% of my cpu, thus slowing it down. I just bring up my task manager and end the process of explorer. then just restart it and my pc is back to normal. here is the hijackthis file so maybe you might be able to give me some further advice as to hoow to get rid of this 700MB file.

Logfile of HijackThis v1.99.1
Scan saved at 6:59:53 PM, on 3/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

i did everything you said in the original post for the BFU and eWido. so this is the results. at least me know if its good. thanks for the help. and if i did have time and money to donate i would figure out some way to help you fight this juvenile crap. its a waste of very good minds in the feild of programming.

computernoob · « **Reply #8 on:** March 04, 2006, 09:07:29 AM »

Logfile of HijackThis v1.99.1
Scan saved at 9:07:17 PM, on 3/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\LEE\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AB41010D-4804-4793-A6A2-3B5EBE2348DD} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {C11483F7-D7D8-4804-98D8-6055470BB989} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.5.0_04) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Plug-in 1.5.0_04) -
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         10:03:44 PM, 3/4/2006
+ Report-Checksum:      1A716B56

+ Scan result:

   :mozilla.12:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
   :mozilla.13:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
   :mozilla.16:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
   :mozilla.24:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.25:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.34:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.35:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.36:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.55:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.56:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.60:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.61:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.114:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.115:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.117:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.118:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.123:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.145:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.153:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
   :mozilla.161:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.184:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.212:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.213:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.214:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.222:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
   :mozilla.223:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
   :mozilla.230:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
   :mozilla.231:C:\Documents and Settings\LEE\Application Data\Mozilla\Firefox\Profiles\93hnbr66.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\About CNET Networks.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\All Software.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET Channel.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET Download.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET News.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET Reviews.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\CNET Shopper.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Computer Shopper.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Free Screensavers.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Help Center.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\International Media.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P-Encryption Suite 3.6.2.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P-EncryptMail for Outlook 1.6.2.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P-Jongg 5.5.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P-pack 2002.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P-Ping Tools 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Backup 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Barrier 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Doctor 2.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Messenger 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Music Jukebox 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P Share Spy 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2P TV Recorder 1.51.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P2PBazaar 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P7 Fax 1.12.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P7mViewer 4.0.31.36.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\P@WS 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PA Home Router 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pabx Billing System and Hotel Management 4.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pac Man demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pac Saver .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pac the Man 2 1.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pac the Man X 1.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAC-FIX 7.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacBomber 1.7.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacDoom 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacestar UML Diagrammer 5.04.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacFish 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacFish 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pachinko a Go Go 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PachinkoSaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacific DMS 3.5.44.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacific General demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacific Gunner 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacific Northwest - Scenes from Oregon and Washington 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacific Warriors demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacifist 1.6.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pack1 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Package Tracker (Classic) 3.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Package Tracker 3.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Package Tracker Widget 2.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PackageCleaner 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PackageValidator 1.0 build 1412.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Packet Analyzer Enterprise Edition 5.5 build 926.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Packet Analyzer Professional Edition 5.5 build 926.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Packet Sniffer SDK 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacketAlarm 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacketStuff Network Toolkit 0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PackMan - Package Manager 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacMad 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacman 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacMan 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacman 2002 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacman 2005 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacMan Adventures 3D 2.06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pacman3D 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacPC 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacQuest 3D 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacQuest 3D 3.15.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacShooter 3D 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacsPrinter 1.09.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PacsScanner 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pad 2.7b.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pad 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pad Magic 2005 2.4.0.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pad+ 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PadEditor 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PADexpress 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PadLock Pro 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PadPlus 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paessler Netflow Tester 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paessler Site Inspector 4.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paessler SNMP Tester 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paessler URL Recorder 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Page Generator 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Page Promoter 7.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Page Promoter 7.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Page Update Watcher 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageBreeze Free HTML Editor 3.0d.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageCraft 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageFix 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pageflix 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageFocus Draw 3.71.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageFocus Pro 6.71.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageFour 1.30.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageGate 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageHelper 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageLock 3.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageMaker Update PostScript Printing 1.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageMark 2.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageMethods 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PagePainter 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PagePit 1.3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PagePlus SE 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PagePopupMaker 1.3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PagePorter 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageQ 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageR Enterprise 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageRank Checker 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageScanner 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageScrape 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageSender 3.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageSentry 4.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageSpinner 4.6.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageSpy 1.3.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageSucker 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PageUpdater 8.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pageville Shopping Cart API 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pageville Shopping Cart Editor 1.5.170.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pageville Shopping Cart Plug-in for FrontPage 2.02g.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pagoo Internet Voice Mail 6.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pagos Spreadsheet Component 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pagos Spreadsheet Component for .NET 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pagos Spreadsheet Component for Java 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaieFie 2004 French 8.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller Chains mod .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller Compmode mod 0.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller dedicated server 1.3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller demo 2 .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller demo 3 .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller editor and tools 1.3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller multiplayer 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller patch 1.3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller standalone server .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller v1.2 patch .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller v1.3 patch .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller v1.3 to v1.3.1 patch .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painkiller v1.3.5 CPL patch .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint & Create 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Ball X-Wizard 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Defense 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Express 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Shop Photo Album 6.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Shop Pro 10.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint Shop Pro Studio 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint-By-Grids 3.0.2406.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paint.NET 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paintball 1.33.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintBall II 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintBall II 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paintball Manager Extreme 1.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paintball Party 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintBox 2.2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintBuster 10.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintCOST Estimator for Excel 3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painted Flowers Jigsaw Puzzle 104pc.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Painter - Kids Colouring Book 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paintfx 1.2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaintStar 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pair Them Up 1.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pajama Sam Sock Works .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pakistan Telephone Directory 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 01 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 02 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 03 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 04 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 05 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakNeurol 07 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakMed PakPsych 72 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakNutri 12 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PakVault 4.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL Computer Surveillance System 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL Evidence Eliminator and Tracks Eraser 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL Keylogger 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL PC Spy 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL Popup Killer and AD Stopper 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAL Registry Cleaner Optimizer 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palcu Drawing for Children 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palette Panel 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palfun 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Alarm Christmas Edition Dec99.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Basic 1.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Biorhythms 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Commander .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Concentration 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Currency Converter 1.28.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Debugger 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Desktop 4.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Desktop 4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Desktop for Macintosh 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Desktop Utilities 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Dictate 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Direct Install 0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Explorer 2.5.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Finance Genius 1.25.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Kings Corners 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Mirror (CE palmtop, SH3) 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm OS Emulator 3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Pocket Oxford English Dictionary 3.51.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Reader 2.5.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Scriptures Plus 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm SDK (Mac) 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm Unit Converter 1.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm USAF Flight Log 1.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palm4Fix 1.2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmaryCalc 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmaryClock 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmaryClock Wireless Edition 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmBFLThe Body for Life Companion 6.3.2c.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palmbutler 2.2.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmCard 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmCents 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmCrack 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmHide 1.3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmIRC 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmMSN 0.14.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmPilot HotSync Manager 3.1.1 Updater 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmPM (Project Manager for Palm) 1.19.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmPod Complete 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmPR 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmPrint 4.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmShisensho 1.24.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmToolBox 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Palmtumi 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PalmWars Standard 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paltalk 8.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paltalk 8.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paltalk BufferZone Security 1.70-6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAM - The Pocket Asset Manager 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pamela Anderson Sex-E Screensaver 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pamela for Skype - Professional Version 1.25.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panasonic KV-S2055 Series ISIS Driver 1.76 (12198).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panasonic KV-S2055 Series TWAIN Driver 1.50 (12198).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panasonic KV-SS855 High-Speed Scanner Firmware 1.06 (12198).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panasonic KX-TD1232816308 Programmator .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panasonic KXL-D720 PCMCIA CD-ROM Driver 041796.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PanaVue ImageAssembler 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda Assistant 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda Craze Gold 1.0.25.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda Platinum Internet Security 2006 10.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda Quick Remove for Sasser.B .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda QuickRemover for Sasser.A .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda ScreenSaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda Titanium Antivirus 2006 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda TruPrevent Personal 2005 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panda TruPrevent Personal 2006 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PandaCam Widget 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandali Intelligent Editor 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandamonium Plus 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandemonium 2 3Dfx demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandemonium demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PandoFrame 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandora Engine 20036.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandora News 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandora's Box .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandora's Box AOE II 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pandora's Box Patch 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaneKiller 1.44.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panel Commander 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panel Toolbar 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PanelBar for ASP.NET 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panic 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PanIntegers 2.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pannasoft Ingenuity 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panorama - Terrain Editor 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panorama BackPacker a0.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panorama Express 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panorama Perfect Lite 1.6.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panoweaver 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pantone ColorWeb Update .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer Commander demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer Dragoon demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer Elite Action Fields of Glory demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer Elite Action Fields of Glory multiplayer demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer General II demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Panzer General III Scorched Earth updated demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaolaZip 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Papara Tata 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paparazzi Trailer .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Papelmedia GS SoundFont SF2 Premium Plus+ 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper 2 PDF 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Grid 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Harbour 1.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Output Controlling 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Shredder 1.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Shredder 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paper Valet 2.1.08.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup

computernoob · « **Reply #9 on:** March 04, 2006, 09:19:15 AM »

continued:

2.1.08.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperBall 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperCut Quota 5.2.569.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paperiter 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paperless Desktop 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperlessPrinter 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperMaster Pro 7.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperPicture 2 DXF 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperQuote '01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paperstore 2.61.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Papertape Calculator 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperToolsPro 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperToolsPro 2005 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PaperToolsPro Standard 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paprotka ScreenSaver 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PAPShareware (Plastic Animation Paper) 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Papyrus Library Administration System 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq File Share eFileGo 3.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq KeyLog 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq KeyLog Engine 2.04.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq PDF2htm 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq PDF2txt 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq PDFtools 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paq Queue Simulation 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paquet Builder 2.9.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben Gif Animator 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Ball Buster 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Business Card Builder 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Case Agent Companion 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Cell Seizure 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Daily Journal 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Deck of Cards 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Decryption Collection Enterprise Edition 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Diet Tracker 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Download Manager 3.1 build 143.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's E-mail Examiner 3.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Flow Charter 4.19 build 1790.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Icon Builder 7.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Label Builder 4.3.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's LAN Charter 4.19 build 1790.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Mah-jong 2.4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Network E-mail Examiner 1.31.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's PDA Seizure 3.0.2.43.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Photo Wizard 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Registry Analyzer 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Screen Capture 4.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Text Searcher 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Text-To-Voice 2.0 build 94.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraben's Web Page Wizard 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paraclete 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradigm Lingua 2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradigm PiDataCtl200 2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradigm PiHyper200 ActiveX Control 2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradise Photo Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parador File Protection Personal Edition 1.0.0.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradox Direct Engine (ActiveX) 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradox Viewer 1.57.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paradoxion 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParadoxRecovery 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon CD-ROM Emulator (Personal) 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Disk Wiper 7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Drive Backup (Personal Edition) 7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Drive Backup 7.0.0.1168.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Drive Backup Server Edition 7.0 build 69.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Easy CD-DVD Recorder build 2004-10-08.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Encrypted Disk 3.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Exact Image 7.0 build 27.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Ext2FS Anywhere 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Hard Disk Manager (Personal) 6.01.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Hard Disk Manager 6.01.464.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon NTFS for Win 98 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Partition Manager (Personal) 7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragon Partition Manager 7.0.1144.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paragraph Punch 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parallaxis Cuckoo Clock 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parallaxis iAlbum 1.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parallaxis Winclip 3.2.2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parallel Greek New Testament 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paralogix Level One 2.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paranoia 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paranoid Android 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paranoid Spam Detector 2.0.120.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parashara's Light 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parasoft BPEL Maestro 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parasol Wallop 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paratrooper for Nokia 9200 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paratroopers 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paratroopers 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParaWin ME Pro 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parchisi 1.0.2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pardon 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parent Server Changer 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parent Timer 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parent Tools for AIM 2.1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parental Control Reporting 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parental Control Tool 4.7 build 4.7.5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parental Filter 0.251.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parental Key 2.06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parental Lock Guard 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parenting Assist 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parents 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parents CyberAlert 1.50.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParentSnooper 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pariah single-player demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paribus 1.3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paris 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paris Audio Guide 5.6.17.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paris Hilton Bikini Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paris Hilton Screensaver 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Paris Hilton Sex-E Screen Saver 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parlay Master Picker 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parmen 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parrot Capture 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parse-O-Matic Power Tool 4.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parsec LAN-Test .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParseMyLog 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parser Generator 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParseRat 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\ParseWare 1.5.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Parsnips 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Particle Fire Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Particle Systems Screen Saver 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Particle Text 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Particles 4 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partition Boot Manager 1.07.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partition Logic 0.61.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partition Table Doctor 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partition Zapper 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partitioned Query for MySQL 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partner Dictionary English-Chinese for Pocket PC 2.4.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partner Dictionary English-French 2.5.58.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partner Dictionary English-Spanish 1.1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partner Links 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Partnership Opportunities.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Party Bowling 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Party Guestware 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Party Poker 2006 - Premium Edition 1.1 2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Party-Pod Pro 6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PartyDJ 7.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PartyTime Player 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pascal Look 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pass First Certificate 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pass Shield 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pass-It 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Pass2Go by RoboForm 6.6.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PasSafe Password Manager 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passage 1995 Edition 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passage 3 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passage 3 Christmas Edition 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passage Of Time 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passage Portal .NET 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passback for AOL Instant Messenger 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassBack for Ultrafunk Popcorn 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassCache 1.0a.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passcape Internet Explorer Password Recovery 1.2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passcape Outlook Express Password Recovery 1.3.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passcape Outlook Password Recovery 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passcape Win CD Keys 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassCheck 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassCrypt 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passenger 2.3.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passenger Professional 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passgen 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassMark SoundCheck 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassMonster 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassPhrase .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passphrase Keeper 2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassPic 2.02 build 36.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passport PC to Host 2004-3B30-4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassProtect InSight Home Edition 2.05.002.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassSV 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passtracker 2.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassVault Password Manager 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\PassWallet 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passware Kit Enterprise 6.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passware Password Recovery Kit 6.5 build 980.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Passweerd 1.02E.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password 2000 2.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Administrator 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Agent Lite 2.3.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Anti-Peeking 2.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Assistant 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Box 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Calculator 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Catalog 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Commander Pro 2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Construction Kit 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Crypt Professional 2004 2.1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Depot 2.5.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Director 2.1.1663.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Discovery 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Door 8.2.12.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Generator 1.1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Generator 2004 1.1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Generator Pro 3.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Inspiration 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password It 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Keeper 2000 6.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Keeper 3.12.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Keychain 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Lock Transparent Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Maintenance 2.16.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Manager 1.0.2221.4794.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Manager 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Manager for IIS 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Manager XP 2.1.322.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Master 1.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password No-Hack 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Officer Deluxe 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Organizer Deluxe 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Policy Enforcer 4.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Pop-up 1.52.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Protect 3.2.0.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Protect Folders 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Protected Lock 2.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Protection 4.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Password Protector 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Privacy Policy.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Product reviews.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Release 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Spyware Removal.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Tech news.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Complete\Terms of Use.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
   C:\Documents and Settings\LEE\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   C:\Documents and Settings\LEE\Cookies\[email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
   C:\Documents and Settings\LEE\Cookies\lee@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
   C:\Documents and Settings\LEE\Local Settings\Temp\~zs4.tmp\NNZAP388.exe -> Adware.NewDotNet : Cleaned with backup
   C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Cleaned with backup
   C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Cleaned with backup
   C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup

::Report End

thanks alot, the problem appears to be gone
i was almost freaked out when the task manager didnt appear and as you can see i think i had way too much unclean stuff inside my com

guestolo · « **Reply #10 on:** March 04, 2006, 11:44:58 AM »

Let me break this up

[color=\"#CC0000\"]TO Skitzo1989:[/color]

Your log looks good
One optional entry in your log can be a bit of a resource hog

Quote

BigFix can automatically download and read technical support information provided by computer and software manufacturers and other technical support experts (published in the form of Fixlet® Messages) and can automatically check your computer for bugs configuration conflicts and security holes. Should only be started manually as it's a resource hog

I suggest that you
Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe

After you have ticked the above entry, close All other open windows
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot your computer

Back in Windows
*If everything is running better
Final Cleanup
We should clear all your restore points to ensure you don't restore any nasties that may be sitting idle

msconfig
Click OK
Click the "Launch System Restore" button
On the Left hand side click on "System Restore Settings"
Put a Check in "Turn off System Restore"
Apply it and OK out of there>>Reboot your computer
[/list]
Back in Windows, Go back and take the check out of "Turn off system restore"
This will reenable the System Restore feature and creates a new restore point

[indent][color=\"#CC0000\"]Protect yourself against Future Attacks[/color][/i][/b][/indent]
*Install SpywareBlaster 3.5.1 by JavaCool[/url]

After installation, Check for updates and then click the "Enable all protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"

*Make sure your Anti-Virus software is always kept up to date and actively running in the background

*Check for updates with your anti-spyware programs and run a scan on a regular basis
If you don't have Spybot 1.4, I recommend installing it
You can download it from HERE
or HERE

After installation--Click the UPDATE button on the left
SEARCH FOR UPDATES on the right
Check all boxes and then download all updates
After update is complete
Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Click the "Search & Destroy" button on the left
"Check for Problems"---When the Scan is complete
FIX all selected promblems in RED
RESTART the computer if any Red entries were fixed
Please Immunize after every update

You may also choose to hold onto Ewido
Ewido will become a Limited version in a couple weeks
It's still a very good scanner to update and run once a month
and CleanUp! to clean those temp files, cookies, etc...

Now would be a good time to Defragment your system
*Keep up to date on Windows updates
This is the most important step in keeping your system secure
Service Pack 2 for Windows has been out for some time now and you still haven't updated
We have done steps to prepare your system for the installation
Please read this link
http://www.microsoft.com/windowsxp/sp2/default.mspx
Read the page>>Take note of the link What to know before you download and install
In addition: Make sure you keep up on Microsoft Office updates
You will find a link at Windows Updates named "Office Family"

*Make sure your Firewall is enabled and running
A Firewall is also very important
This provides a line of defense against someone who might try to access your computer without your permission

BE CAREFUL on what you download with your FileSharing programs, this worm spreads thru P2P programs
Scan your downloads with your AV before opening them
Most AV's will allow to right click on a file and scan it before opening it

[color=\"#CC0000\"]TO zxypher:[/color]
Do a "System scan only" with Hijackthis and put a check next to these entries:

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

After you have ticked the above entry, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot the computer
NOTE: Don't let McAfee AntiSpyware interfere, if prompted about a change, ALLOW it please

You should all the other Final Cleanup steps and protections I suggested to Skitzo1989
excluding updating to SP2

[color=\"#CC0000\"]TO computernoob[/color]
Your log is not that bad, but I want to do additional cleaning
Please start your own post, it's getting too confusing having you post your logs to this thread

[color=\"#990000\"]To Any others[/color]
If you post your logs to this thread, they will be REMOVED
Please start your own Post, thanks
Here's the instructions on how to post your Own Hijackthis log

NDorKidz · « **Reply #11 on:** April 04, 2006, 05:43:38 PM »

------BUMP-----

I started this blog and then I went out of town in the middle of it and now a whole bunch of people posted on my thread, so I just wanted to make sure everything was good on my computer. I'll post a fresh HJT log and a fresh ewido scan. Lemme know if it's all cleaned off. Thx.

-----Ewidio Anti-malware 3.5------

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         6:54:50 PM, 4/4/2006
+ Report-Checksum:      4F8ED7EE

+ Scan result:

   C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup
   C:\Documents and Settings\Administrator\Cookies\administrator@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup

::Report End

------HJT LOG FILE------

Logfile of HijackThis v1.99.1
Scan saved at 6:55:37 PM, on 4/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Winamp\winamp.exe
C:\Fraps\fraps.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\My Documents\download\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

-----END------

I would appreciate you taking a look. Thanks.

guestolo · « **Reply #12 on:** April 09, 2006, 07:12:47 PM »

Your last log looked good NDorKidz
If you still need a hand, please start a new topic

TheTechGuide Forum

News:

Author Topic: Win32.P2P-Worm.Alcan.a (Read 3898 times)

NDorKidz

Win32.P2P-Worm.Alcan.a

guestolo

Win32.P2P-Worm.Alcan.a

NDorKidz

Win32.P2P-Worm.Alcan.a

guestolo

Win32.P2P-Worm.Alcan.a

Skitzo1989

Win32.P2P-Worm.Alcan.a

guestolo

Win32.P2P-Worm.Alcan.a

Skitzo1989

Win32.P2P-Worm.Alcan.a

zxypher

Win32.P2P-Worm.Alcan.a

computernoob

Win32.P2P-Worm.Alcan.a

computernoob

Win32.P2P-Worm.Alcan.a

guestolo

Win32.P2P-Worm.Alcan.a

NDorKidz

Win32.P2P-Worm.Alcan.a

guestolo

Win32.P2P-Worm.Alcan.a