Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

smithfraud.c


  • This topic is locked This topic is locked
7 replies to this topic

#1 masr

masr

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 10 August 2005 - 05:34 AM

Hello, will you be so kind and help me to get rid of smithfraud.c? Thank you very much. Here is my log.

Logfile of HijackThis v1.99.1
Scan saved at 12:22:19, on 10.8.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.updatesearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.updatesearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.updatesearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.updatesearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.updatesearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.updatesearches.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [MSN Messenger] C:\WINDOWS\system32\msmsgs.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF0249F9-D3BB-4F56-B381-F3F0191EF8A1}: NameServer = 192.168.1.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing)

Masr

BC AdBot (Login to Remove)

 


#2 g2i2r4

g2i2r4

    Malware remover


  • Members
  • 900 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:06 AM

Posted 11 August 2005 - 09:04 AM

Welcome masr to Bleeping Computer.

Please read these instructions carefully. You may want to print them. Copy the text to a Notepad file and save it to your desktop! We will need the file later.
Be sure to follow ALL instructions!



Download smitRem.exe and save the file to your desktop.
Double click on the file to extract it to it's own folder on the desktop.

***

Place a shortcut to Panda ActiveScan on your desktop.

***

Please download the trial version of ewido security suite.Install ewido security suite
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".

Launch ewido, there should be an icon on your desktop double-click it.
The program will prompt you to update click the OK button

The program will now go to the main screen
You will need to update ewido to the latest definition files.On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed.
Once the updates are installed, close Ewido for now.

***

If you have not already installed Ad-Aware SE 1.06, please download and install AdAware SE 1.06.
Check Here on how setup and use it - please make sure you update it first.

***

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
http://www.pchell.com/support/safemode.shtml

***

Open HijackThis
Place a check against each of the following, making sure you get them all and not any others by mistake:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.updatesearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.updatesearches.com/bar.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.updatesearches.com/search.php?qq=%1

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.updatesearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.updatesearches.com/search.php?qq=%1

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.updatesearches.com/

Close all programs leaving only HijackThis running.
Click on Fix Checked when finished and exit HijackThis.

***

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed.
Post me the contents of the smitfiles.txt log as you post back.

***

Open Ad-aware and do a full scan. Remove all it finds.

***

Now open Ewido Security Suite:* Click on scanner
* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop
Reboot your computer.

***

Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present.

***

Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan.
Save the report and post it along with a new HijackThis Log, the contents of the smitfiles.txt log and the Ewido Log by using Add Reply.


You also have VNC on the computer.
VNC stands for Virtual Network Computing. It is, in essence, a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.
Did you know this?


Posted Image
Life is what happens while you're making other plans

#3 masr

masr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 13 August 2005 - 07:11 AM

Thank's very much. Here are the results.

Logfile of HijackThis v1.99.1
Scan saved at 14:02:17, on 13.8.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Executive Software\Diskeeper\DfrgNTFS.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [MSN Messenger] C:\WINDOWS\system32\msmsgs.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF0249F9-D3BB-4F56-B381-F3F0191EF8A1}: NameServer = 192.168.1.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing)

smitRem log file
version 2.3

by noahdfear


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~

logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~

sites.ini


~~~ Drive root ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Post-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Wininet.dll ~~~

CLEAN! :thumbsup:



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 12:18:41, 13.8.2005
+ Report-Checksum: 168693E8

+ Scan result:

HKLM\SOFTWARE\AKSoft -> Spyware.AkSoft : Cleaned with backup
HKLM\SOFTWARE\AKSoft\X-Tractor -> Spyware.AkSoft : Cleaned with backup
:mozilla.6:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.38:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.39:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.40:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.41:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.42:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.43:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.45:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.46:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.73:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.83:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.84:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.85:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.91:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.93:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.98:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.113:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.114:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.131:C:\Documents and Settings\maja\Data aplikací\Mozilla\Firefox\Profiles\default.tam\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.6:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.32:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.48:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.63:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.64:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.65:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.69:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.70:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Gator : Cleaned with backup
:mozilla.71:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.72:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.80:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.85:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.86:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.97:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.98:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.99:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.100:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.112:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.139:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.140:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.141:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.142:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.143:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.144:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.145:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.151:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.153:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.155:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.156:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.157:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.158:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.159:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.160:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.161:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.173:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.174:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.175:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.191:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.194:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.217:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.220:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.221:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.229:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.230:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.237:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.238:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.239:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.240:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.241:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.246:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.265:C:\Documents and Settings\maja\Data aplikací\Phoenix\Profiles\default\uyiazjsv.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup


::Report End




I had some proglems with activescan. When scaning "My Computer", it did not show any report in the end but immediately closed Expolorer. So I ran it again, stopped before the end of scan and this is the result:


Incident Status Location

Adware:adware/cws.homesearchasisstantNo disinfected Windows Registry


Do you think my computer is now OK?

#4 g2i2r4

g2i2r4

    Malware remover


  • Members
  • 900 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:06 AM

Posted 13 August 2005 - 07:34 AM

Open Notepad.
Copy the pruple text to an empty file.
Save it as ‘hsa.bat’ to your desktop.
Choose ‘save as all types *.*’


REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HSA]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW]


Close Notepad.
Double-click hsa.bat
Grant permissions to add it to the Registry.
Reboot the computer.


By the looks of it, the computer is fine now.
Is it running ok?
Shall I post you some tips for the future and close the topic?


Posted Image
Life is what happens while you're making other plans

#5 masr

masr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 13 August 2005 - 07:56 AM

Unfortunatelly, my spybot alarms that Smithfraud-C is still there in 29 entries. This is the result:


--- Search result list ---
Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\20x2p.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\adulthell.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bin.wordsx.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cc20foreva.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\crl.thawte.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\datingforlove.org\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\e-finder.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ewizard.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\fast-look.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ga31.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greg-tut.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\letgohome.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\love-catalog.net\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\makechoice.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\meetyourfriend.biz\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msnprotection.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\t34rulit.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\terra.hcworld.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\toprefsys.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\tracking.allposters.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u45.cx\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u46.cx\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u47.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u48.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\v-224.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\veryeasysearch.com\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\visitfriend.net\*!=W=4

Smitfraud-C.: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-1935655697-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.niger.ru\*!=W=4

User abort!: Scan was not completed successfully. ()



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-07 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-08-12 Includes\Dialer.sbi (*)
2005-08-12 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-08-12 Includes\Malware.sbi (*)
2005-08-12 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-08-06 Includes\Security.sbi (*)
2005-08-12 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-08-12 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX / DX9 / SP1: Oprava hotfix pro DirectX 9 - KB839643
/ Internet Explorer 6 / SP1: Oprava Hotfix systému Windows XP číslo KB834707
/ Internet Explorer 6 / SP1: Oprava Hotfix systému Windows XP číslo KB889293
/ Internet Explorer 6 / SP1: Oprava Hotfix systému Windows XP číslo KB890923
/ Windows Media Player: Oprava hotfix pro program Windows Media Player [Další informace viz Q828026.]
/ Windows Media Player / SP0: Oprava hotfix pro program Windows Media Player [Další informace viz Q828026.]
/ Windows Media Player: Windows Media Update 817787
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB834707
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB867282
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB873333
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB873339
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB883939)
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB885250
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB885835
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB885836
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB886185
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB887472
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB887742
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB888113
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB888302
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB890046)
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB890047
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB890175
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB890859
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB890923
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB891781
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB893066)
/ Windows XP / SP3: Oprava Hotfix systému Windows XP číslo KB893086
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Aktualizace systému Windows XP (KB894391)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB896358)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB896422)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB896423)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB896428)
/ Windows XP / SP3: Aktualizace systému Windows XP (KB896727)
/ Windows XP / SP3: Aktualizace systému Windows XP (KB898461)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB899587)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB899588)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB899591)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB901214)
/ Windows XP / SP3: Aktualizace zabezpečení systému Windows XP (KB903235)


--- Startup entries list ---
Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: c3ac6adec9f76b3863964c6906486eb2

Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 352256
MD5: 6e74941e3e14cb67fb1648b45a041f0d

Located: HK_LM:Run, FineReader7NewsReaderPro
command: C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
file: C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
size: 278528
MD5: b453664c9a22a299442a44434b0859df

Located: HK_LM:Run, MSN Messenger
command: C:\WINDOWS\system32\msmsgs.exe
file:

Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_LM:Run, OpwareSE2
command: "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
file: C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
size: 49152
MD5: 882539219b40107d5bc0557e0088dd79

Located: HK_LM:Run, pdfFactory Pro Dispatcher v2
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
size: 393216
MD5: d27c4c698149188bef188b726a8f39f4

Located: HK_LM:Run, Smapp
command: C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
file: C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
size: 143360
MD5: 2d765e811b6ffea9f91d4425e34b8461

Located: HK_LM:Run, WinVNC
command: "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
file: C:\Program Files\UltraVNC\WinVNC.exe
size: 622661
MD5: 2a70e3ad290956a7e7f70f49d7737f1f

Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: a5baa91475167161dea02ba3c4ca4f59

Located: Startup (common), Adobe Gamma Loader.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---


--- ActiveX list ---
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase: http://www.pandasoftware.com/activescan/as5free/asinst.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 1.8.2005 8:16:40
Date (last access): 13.8.2005 14:29:32
Date (last write): 1.8.2005 8:16:40
Filesize: 135168
Attributes: archive
MD5: 48940CD1925A3616B8002B42540CD64C
CRC32: 1CF9E9D6
Version: 57.8.0.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 308 ( 4) \SystemRoot\System32\smss.exe
PID: 356 ( 308) \??\C:\WINDOWS\system32\csrss.exe
PID: 380 ( 308) \??\C:\WINDOWS\system32\winlogon.exe
PID: 424 ( 380) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 6E401E61F952FBBF708AFBECEFAFAE81
PID: 436 ( 380) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 82A362FE1D4980B71B588D9C10748511
PID: 576 ( 424) C:\WINDOWS\System32\Ati2evxx.exe
size: 364544
MD5: 040C487C63FEF0DE230539B5D5CE0641
PID: 608 ( 424) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 680 ( 424) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 716 ( 424) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 768 ( 424) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 840 ( 424) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 916 ( 424) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1064 ( 380) C:\WINDOWS\system32\Ati2evxx.exe
size: 364544
MD5: 040C487C63FEF0DE230539B5D5CE0641
PID: 1148 (1088) C:\WINDOWS\Explorer.EXE
size: 1032704
MD5: 53114D57AB73A406AC7F602227781A99
PID: 1300 (1148) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
size: 393216
MD5: D27C4C698149188BEF188B726A8F39F4
PID: 1308 (1148) C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
size: 278528
MD5: B453664C9A22A299442A44434B0859DF
PID: 1356 (1148) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: C3AC6ADEC9F76B3863964C6906486EB2
PID: 1364 (1148) C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
size: 49152
MD5: 882539219B40107D5BC0557E0088DD79
PID: 1404 (1148) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
size: 143360
MD5: 2D765E811B6FFEA9F91D4425E34B8461
PID: 1444 (1148) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 352256
MD5: 6E74941E3E14CB67FB1648B45A041F0D
PID: 1452 ( 424) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 330240
MD5: 9DBD26D7D7967D918C507B1E2A93A37E
PID: 1476 (1148) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: A5BAA91475167161DEA02BA3C4CA4F59
PID: 1528 ( 424) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 84480
MD5: 62E6B23B906B213836470740FE449B43
PID: 1572 ( 424) C:\Program Files\Executive Software\Diskeeper\DkService.exe
size: 241664
MD5: F9D39794F0AD5F2C0C16F8BFA665E5DD
PID: 1676 ( 424) C:\Program Files\ewido\security suite\ewidoctrl.exe
size: 16448
MD5: 867D9D1FA818F8629BB7A4A26E94B06A
PID: 1720 ( 424) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 1824 ( 424) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
size: 45056
MD5: 3978F082274F723AD5A0A8058C2417DD
PID: 1840 ( 424) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 1864 ( 424) C:\Program Files\UltraVNC\WinVNC.exe
size: 622661
MD5: 2A70E3AD290956A7E7F70F49D7737F1F
PID: 208 (1148) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 1256 ( 424) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: B3F690BF43F93A012A52F28F234FAA1B
PID: 964 ( 608) C:\WINDOWS\System32\wbem\wmiprvse.exe
size: 218112
MD5: EF897DDCD9E269B83F03F328698AAE7A
PID: 2172 ( 424) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
PID: 2296 ( 716) C:\WINDOWS\system32\wuauclt.exe
size: 124184
MD5: E1A91BB1778DCA27D534120189D416A7
PID: 2396 (1148) C:\Program Files\Mozilla Firefox\firefox.exe
size: 6578276
MD5: 0A614599F8E9FAA5069FEA6326A25D65
PID: 2520 (1148) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
size: 12037688
MD5: 1EEA7DD2F1EA6EFEF380B99A90228D2F
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 13.8.2005 14:52:45

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\SYSTEM32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://search.msn.com/spbasic.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
A.S.C. (A.S.C.)
uninstall cmd: C:\DOCUME~1\ALLUSE~1\Plocha\SEXYBR~1\AS2ECF~1.C\UNWISE.EXE C:\DOCUME~1\ALLUSE~1\Plocha\SEXYBR~1\AS2ECF~1.C\INSTALL.LOG

Aaron Support (Aaron Support)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\Nostromo\Aaron Support\DeIsL1.isu" -c"C:\Program Files\Nostromo\Aaron Support\_ISREG32.DLL"

AC3Filter (remove only) (AC3Filter)
uninstall cmd: C:\Program Files\AC3Filter\uninstall.exe

Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Photoshop 7.0.1 CE 7.0.1 CE (Adobe Photoshop 7.0.1 CE)
version (major): 7
install location: C:\Program Files\Adobe\Photoshop 7.0 CE
install source: G:\Photoshop\
uninstall cmd: C:\WINDOWS\ISUN0405.EXE -f"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.dll"
publisher: Adobe Systems, Inc.

ATI - Software Uninstall Utility 6.14.10.1012 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

AP Guitar Tuner 1.02 (AP Guitar Tuner 1.02)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\Audio Phonics, Inc.\AP Guitar Tuner 1.02\DeIsL1.isu" -c"C:\Program Files\Audio Phonics, Inc.\AP Guitar Tuner 1.02\_ISREG32.DLL"

Arcade Racing (Arcade Racing)
uninstall cmd: C:\Program Files\PAL Games\Arcade Racing\Uninstal.exe

ASIO4ALL v2 (ASIO4ALL v2)
uninstall cmd: C:\Program Files\ASIO4ALL v2\uninstall.exe

ATI Display Driver 8.132-050503a2-022511C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL

(Branding)

BSPlayer (BSPlayer1)
uninstall cmd: "C:\Program Files\Webteh\BSPlayer\uninstall.exe"

CD-DA X-Tractor v0.24 0.24 (CD-DA X-Tractor_is1)
uninstall cmd: "C:\Program Files\CD-DA X-Tractor\unins000.exe"

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

DivX Pro Codec Adware (DivX Codec)
uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Pro Codec Adware\UninstalDivXProCodecAdware.log

DivX Player (DivX Player)
uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log

(DXM_Runtime)

ewido security suite (ewidosecuritysuite)
install location: C:\Program Files\ewido\security suite
uninstall cmd: C:\Program Files\ewido\security suite\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Program Files\HijackThis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

IK Multimedia Amplitube DX/VST/RTAS v2.0 (IK Multimedia Amplitube DX/VST/RTAS v2.0)
uninstall cmd: C:\PROGRA~1\IKMULT~1\AMPLIT~1\UNWISE.EXE C:\PROGRA~1\IKMULT~1\AMPLIT~1\INSTALL.LOG

(InstallShield Uninstall Information)

Corel Graphics Suite 11 11 (InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0})
version: 184549376
version (major): 11
version (minor): 11
estimated size: 267319
install date: 20040627
install location: C:\Program Files\Corel\Corel Graphics 11\
install source: G:\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{07A540AB-D785-11D5-8E89-0090275862A0}
publisher: Corel Corporation
comments:
contact: Corel Customer Service
help link: http://www.corel.com
help telephone: U.S. 1-800-772-6735 Outside U.S. 1-800-267-35127
readme:

Siemens Data Suite 1.0.0.76 (InstallShield_{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1})
version: 16777216
version (major): 1
estimated size: 54777
install date: 20040809
install source: C:\Documents and Settings\maja\Plocha\cdsetup1.0.0.76\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1} /l1029
publisher: Siemens AG
comments: Siemens
contact: Oddilení pro technickou podporu
help link: http://www.my-siemens.com
help telephone: (049)
readme: Readme.txt

IrfanView (remove only) (IrfanView)
uninstall cmd: C:\Program Files\IrfanView\iv_uninstall.exe

Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669

Oprava Hotfix systému Windows XP číslo KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Oprava Hotfix systému Windows XP číslo KB873339 20041117.094106 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

Aktualizace zabezpečení systému Windows XP (KB883939) 1 (KB883939)
install date: 20050615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939

(KB884016)

Oprava Hotfix systému Windows XP číslo KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

Oprava Hotfix systému Windows XP číslo KB885835 20041027.181751 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Oprava Hotfix systému Windows XP číslo KB885836 20041028.161024 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Oprava Hotfix systému Windows XP číslo KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

Oprava Hotfix systému Windows XP číslo KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Oprava Hotfix systému Windows XP číslo KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Aktualizace zabezpečení systému Windows XP (KB890046) 1 (KB890046)
install date: 20050615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Oprava Hotfix systému Windows XP číslo KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Oprava Hotfix systému Windows XP číslo KB890859 1 (KB890859)
install date: 20050608
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

(KB890923)

Oprava Hotfix systému Windows XP číslo KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

Oprava Hotfix systému Windows XP číslo KB893066 1 (KB893066)
install date: 20050608
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Oprava Hotfix systému Windows XP číslo KB893086 1 (KB893086)
install date: 20050608
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

Aktualizace zabezpečení systému Windows XP (KB893756) 1 (KB893756)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

3.1 (KB893803v2)
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Aktualizace systému Windows XP (KB894391) 1 (KB894391)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

Aktualizace zabezpečení systému Windows XP (KB896358) 1 (KB896358)
install date: 20050615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Aktualizace zabezpečení systému Windows XP (KB896422) 1 (KB896422)
install date: 20050615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Aktualizace zabezpečení systému Windows XP (KB896423) 1 (KB896423)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Aktualizace zabezpečení systému Windows XP (KB896428) 1 (KB896428)
install date: 20050615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Aktualizace systému Windows XP (KB896727) 1 (KB896727)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727

Aktualizace systému Windows XP (KB898461) 1 (KB898461)
install date: 20050629
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

Aktualizace zabezpečení systému Windows XP (KB899587) 1 (KB899587)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Aktualizace zabezpečení systému Windows XP (KB899588) 1 (KB899588)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588

Aktualizace zabezpečení systému Windows XP (KB899591) 1 (KB899591)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

Aktualizace zabezpečení systému Windows XP (KB901214) 1 (KB901214)
install date: 20050717
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Aktualizace zabezpečení systému Windows XP (KB903235) 1 (KB903235)
install date: 20050717
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235

KRISTAL Audio Engine (KRISTAL Audio Engine)
uninstall cmd: C:\Program Files\Kreatives.org\KRISTAL Audio Engine\Uninstall.exe

Lingea Lexicon 2002 (Lexicon 4.0)
uninstall cmd: C:\WINDOWS\LgUninst.exe C:\Program Files\Lingea\Lex2002\Setup.exe

Macromedia Shockwave Player (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

(Microsoft NetShow Player 2.0)

Miranda IM (Miranda IM)
uninstall cmd: C:\Program Files\Miranda IM\uninstall.exe

Miranda Installer (Miranda Installer)
uninstall cmd: C:\Program Files\Miranda IM\Tools\MirInst\uninstall.exe

(MobileOptionPack)

Mozilla Firefox (0.9.3) 0.9.3 (en) (Mozilla Firefox (0.9.3))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\WINDOWS\UninstallFirefox.exe /ua "0.9.3 (en)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(MsJavaVM)

NapkinRace v1.0 (NapkinRace_is1)
uninstall cmd: "C:\Program Files\NapkinRace\unins000.exe"
publisher: steinware
help link: http://www.steinware.dk/napkinrace

Native Instruments Guitar Rig v1.2 (Native Instruments Guitar Rig v1.2)
uninstall cmd: C:\PROGRA~1\NATIVE~1\GUITAR~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\GUITAR~1\INSTALL.LOG

Ahead Nero Burning ROM (Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

(NetMeeting)

(OutlookExpress)

Panda ActiveScan (Panda ActiveScan)
uninstall cmd: C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
publisher: Panda Software S.L.

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

pdfFactory Pro (pdfFactory Pro)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppinst2.exe /uninstall

PV10 (PV10)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\PV10\DeIsL1.isu" -c"C:\Program Files\PV10\_ISREG32.DLL"

Santa Ride! (Santa Ride)
uninstall cmd: C:\Program Files\Invictus Games\Santa Ride!\uninstall.exe

(SchedulingAgent)

(Shockwave)

(ShockwaveFlash)

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Steinberg Cubase SX v2.2.0.33 (Steinberg Cubase SX v2.2.0.33)
uninstall cmd: C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG

Steinberg Nuendo v2.2.0.33 (Steinberg Nuendo v2.2.0.33)
uninstall cmd: C:\PROGRA~1\STEINB~1\NUENDO~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\NUENDO~1\INSTALL.LOG

TORCS 1.2.1 (TORCS_is1)
uninstall cmd: "C:\Program Files\TORCS\unins000.exe"
publisher: The TORCS Team
help link: http://torcs.sourceforge.net

Total Commander (Remove or Repair) (Totalcmd)
uninstall cmd: C:\Program Files\totalcmd\tcuninst.exe

Winamp (remove only) (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"

Windows XP Service Pack 2 20040817.151442 (Windows XP Service Pack)
uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113

XnView 1.74 1.74 (XnView_is1)
install location: C:\Program Files\XnView\
uninstall cmd: "C:\Program Files\XnView\unins000.exe"
publisher: Gougelet Pierre-e

Corel Graphics Suite 11 11 ({07A540AB-D785-11D5-8E89-0090275862A0})
version: 184549376
version (major): 11
version (minor): 11
estimated size: 267319
install date: 20040627
install location: C:\Program Files\Corel\Corel Graphics 11\
install source: G:\
publisher: Corel Corporation
comments:
contact: Corel Customer Service
help link: http://www.corel.com
help telephone: U.S. 1-800-772-6735 Outside U.S. 1-800-267-35127
readme:

Canon CanoScan Toolbox 4.7 ({088A077A-8028-408C-AE7B-4512AE2A65A0})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{088A077A-8028-408C-AE7B-4512AE2A65A0}\setup.exe" -l0x9 anything

ATI Control Panel 6.14.10.5154 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

Adobe Photoshop Album 2.0 Starter Edition 2.00.000 ({11B569C2-4BF6-4ED0-9D17-A4273943CB24})
version: 33554432
version (major): 2
estimated size: 15907
install date: 20040824
install source: C:\WINDOWS\Downloaded Installations\{E21460AB-331B-445C-A93C-A6CDF9DA1C3C}\
uninstall cmd: MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
publisher: Adobe Systems, Inc.
readme: C:\Program Files\Adobe\Photoshop Album Starter Edition\2.0\readme.txt

ArcSoft PhotoStudio 5.5 ({230CCBE9-14B0-4008-97AF-30C10F99E42C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{230CCBE9-14B0-4008-97AF-30C10F99E42C}\setup.exe" -l0x9

WebFldrs XP 9.50.6513 ({350C9405-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2624
install date: 20040528
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

ACDSee 6.0 PowerPack 6.0.0 ({38A0BB97-772D-422E-BCCA-4BA2A5D81F42})
version: 100663296
version (major): 6
estimated size: 44745
install date: 20040627
install location: C:\Program Files\ACD Systems\
install source: C:\WINDOWS\Downloaded Installations\{B0CC1A89-E31E-455D-85F9-E168107BAC9F}\
uninstall cmd: MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
publisher: ACD Systems Ltd.
comments: This database contains the necessary files and logic to install ACDSee and additional support programs and plug-ins where appropriate
contact: Technical Support
help link: http://www.acdsystems.com/English/Support
help telephone: 250-544-6701
readme: ""

XTNDConnect PC ({3D6ACBBB-A640-4715-BA0F-42D1EA05F23A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D6ACBBB-A640-4715-BA0F-42D1EA05F23A}\Setup.exe" UNINSTALL

Ultr@VNC 1.0.0 RC11d - Win32 1.00 ({448C30CF-1082-43F7-A266-DF89B81B260E}_is1)
uninstall cmd: "C:\Program Files\UltraVNC\unins000.exe"
publisher: Ultra@VNC
help link: http://ultravnc.sourceforge.net/

VBA (2627.01) 6.03.00.9188 ({5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6})
version: 100859904
version (major): 6
version (minor): 3
estimated size: 17258
install date: 20040627
install source: G:\VBA6\
publisher: Microsoft Corporation

Java 2 Runtime Environment, SE v1.4.2 1.4.2 ({7148F0A8-6813-11D6-A77B-00B0D0142000})
version: 17039362
version (major): 1
version (minor): 4
estimated size: 63140
install date: 20040824
install source: C:\Documents and Settings\maja\Local Settings\Data aplikací\{7148F0A6-6813-11D6-A77B-00B0D0142000}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

OmniPage SE 2.0 2.00.0000 ({79D5997E-BF79-48BB-8B41-9BE59C15C2D7})
version: 33554432
version (major): 2
estimated size: 69099
install date: 20040721
install location: C:\Program Files\ScanSoft\OmniPageSE2.0\
install source: F:\omnipage\
uninstall cmd: MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
publisher: ScanSoft, Inc.

Siemens Data Suite 1.0.0.76 ({7AE38076-D8FD-4EF9-A203-98A3EF0C66C1})
version: 16777216
version (major): 1
estimated size: 54777
install date: 20040809
install source: C:\Documents and Settings\maja\Plocha\cdsetup1.0.0.76\
publisher: Siemens AG
comments: Siemens
contact: Oddilení pro technickou podporu
help link: http://www.my-siemens.com
help telephone: (049)
readme: Readme.txt

Microsoft Office Professional Edition 2003 11.0.5614.0 ({90110405-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 599492
install date: 20040529
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\90000405-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1029\OFREADME.HTM

Microsoft Office FrontPage 2003 11.0.5614.0 ({90170405-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 308370
install date: 20040529
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\90000405-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90170405-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1029\OFREADME.HTM

Diskeeper Professional Edition 8.0.459 ({A320805E-26CE-4332-9239-2F4837165C8B})
version: 134218187
version (major): 8
estimated size: 9266
install date: 20041028
install location: C:\Program Files\Executive Software\Diskeeper\
install source: C:\WINDOWS\Downloaded Installations\Diskeeper Professional\{5F631B67-D9A5-4B57-88AE-EA7EC7BA7DEF}\
uninstall cmd: MsiExec.exe /X{A320805E-26CE-4332-9239-2F4837165C8B}
publisher: Executive Software
comments: Disk Defragmenter
contact: Technical Support
help link: http://www.execsoft.com
help telephone: 1-818-771-1600

ABBYY FineReader 7.0 Professional Edition 7.00.522.3623 ({AAF70000-22B9-4CE9-98D6-2CCF359BAC07})
version: 117441034
version (major): 7
estimated size: 73323
install date: 20040627
install location: C:\Program Files\ABBYY FineReader 7.0 Professional Edition\
install source: C:\Program files\FR70PRO\
uninstall cmd: MsiExec.exe /I{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}
publisher: ABBYY Software House
comments: ABBYY Software House
contact: http://www.abbyy.com/support
help link: http://www.abbyy.com
help telephone: +7 (095) 234 44 00

Adobe Reader 6.0 6.0 ({AC76BA86-7AD7-1033-7646-000000000001})
version: 100663296
version (major): 6
estimated size: 26400
install date: 20040529
install location: C:\Program Files\Adobe\Acrobat 6.0\Reader\
install source: C:\WINDOWS\Cache\Adobe Reader 6.0\ENUMIN\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 6.0\Reader\Readme.htm

Manual CanoScan 5200F ({CABB50D8-AC2C-4C59-BF8A-71F073B88B3B})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CABB50D8-AC2C-4C59-BF8A-71F073B88B3B}\setup.exe" -l0x9

SoundMAX 5.12.01.3665 ({F0A37341-D692-11D4-A984-009027EC0A9C})
install location: C:\Program Files\Analog Devices\SoundMAX
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
publisher: Analog Devices



--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI Driver
Image path: System32\DRIVERS\ACPI.sys
Image size: 188288
Image MD5: FA2FBCDA96D2385F773B059FE5A125A6
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1

Service (registry key): aeaudio
Image path: system32\drivers\aeaudio.sys
Image size: 4816
Image MD5: 11C04B17ED2ABBB4833694BCD644AC90
Start: 3
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 841F385C6CFAF66B58FBD898722BB4F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: Prostředí pro podporu sítě AFD
Description: Prostředí podpory sítí AFD
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Filtr Intel sběrnice AGP
Image path: System32\DRIVERS\agp440.sys
Image size: 42368
Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
Start: 0
Type: 1
Error Control: 1

Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Výstrahy
Description: Upozorňuje vybrané uživatele a počítače na výstrahy správy. Je-li služba zastavena, nebudou výstrahy správy doručovány programům, které tyto výstrahy využívají. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalService
Image size: 14336
Image MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Služba brány aplikačního rozhraní
Description: Zajišťuje podporu modulů plug-in pro protokoly třetích stran, které budou součástí sdílení připojení k Internetu a brány firewall systému Windows.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: B3F690BF43F93A012A52F28F234FAA1B
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Start: 4
Type: 1
Error Control: 1

Service (registry key): amsint
Start: 4
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Správa aplikací
Description: Poskytuje služby instalace softwaru, jako např

#6 g2i2r4

g2i2r4

    Malware remover


  • Members
  • 900 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:06 AM

Posted 14 August 2005 - 07:02 AM

The entries found by Spybot are security related, they are part of a block list preventing you to visite roque sites. You can leave them.

I don't see any strange things. You may want to update Firefox (0.9.3) as they are on version 1.06 now.

Is the computer running ok now?


Posted Image
Life is what happens while you're making other plans

#7 masr

masr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 14 August 2005 - 07:22 AM

Yes, everything seems to work properly in my computer. Thank's very much again.

#8 g2i2r4

g2i2r4

    Malware remover


  • Members
  • 900 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:06 AM

Posted 14 August 2005 - 02:54 PM

Please follow these simple steps in order to keep your computer clean and secure:
  • Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

    You can find instructions on how to enable and reenable system restore here:

    Managing Windows Millenium System Restore

    or

    Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Glad I was able to help.


Posted Image
Life is what happens while you're making other plans




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users