Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Please Pop Up Hell


  • This topic is locked This topic is locked
17 replies to this topic

#1 sloooowpc

sloooowpc

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 02 September 2006 - 12:07 AM

I foolishly downloaded and run a prog that I was sent. Ever since I have been in pop up hell, and my pc has been running very slow. Please help?
Here is my HijackThis log...

Logfile of HijackThis v1.99.1
Scan saved at 11:47:56 PM, on 9/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\windows\system32\netsecurity.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\sys043788.exe
C:\windows\Duce6.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\windows\system32\crunner\cproc.exe
C:\Program Files\WinPortrait\floater.exe
C:\windows\system32\taskmgr.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Rob\My Documents\hijackthis\HijackThis.exe

R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe, C:\windows\system32\liinr.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,veorcem.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {263DE88B-6B98-4E95-B2A6-D9E0F0A089C3} - C:\Program Files\MSN Gaming Zone\pohebota.dll (file missing)
O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\windows\system32\nsa57.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\windows\system32\WinNB58.dll (file missing)
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll (file missing)
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\windows\system32\WinNB58.dll (file missing)
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [defender] C:\\dfndrff_15.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_15.exe
O4 - HKLM\..\Run: [sys043788] C:\windows\sys043788.exe
O4 - HKLM\..\Run: [uqje4ddf] RUNDLL32.EXE w008bfed.dll,n 003e4ddc00000003008bfed
O4 - HKLM\..\Run: [loaddr] C:\topaff.exe
O4 - HKLM\..\Run: [TheMonitor] C:\windows\Duce6.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_15.exe
O4 - HKLM\..\Run: [adstart] "iexplore.exe" "http://iesettingsupdate"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [cprocsvc] C:\windows\system32\crunner\cproc.exe
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\nwinrpex.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\windows\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\windows\system32\dmonwv.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346F99} - C:\Program Files\Batty2\Batty2.dll
O20 - Winlogon Notify: SharedDLLs - C:\windows\system32\lsnkinfo.dll (file missing)
O20 - Winlogon Notify: ShellScrap - C:\windows\system32\szhannel.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: .NETSecurity - Unknown owner - C:\windows\system32\netsecurity.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\windows\VGhlIFNsb21hbnM\command.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\windows\gevxaps.exe (file missing)

BC AdBot (Login to Remove)

 


m

#2 kairis

kairis

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:06:57 PM

Posted 02 September 2006 - 05:06 AM

Hi and welcome. My name is kairis and I will be helping you.
You have some crap there! But don't worry, we'll get you cleaned up!
Please follow my steps in the right order...
We'll start with this:

1. Please download Ewido Anti-Malware
  • Install ewido anti-malware
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

    You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
  • Exit Ewido, do not run the scan yet!
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

2. Please download Brute Force Uninstaller to your desktop.
  • Right click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to,
  • Click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C:) or whatever your primary drive is
  • Click "Make New Folder"
  • Type in BFU
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

Do not do anything with these yet!

Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.

4. Once in Safe Mode, Open Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.

5. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
  • Start the Brute Force Uninstaller by doubleclicking BFU.exe
  • Behind the scriptline to execute field click the folder icon Posted Image and select alcanshorty.bfu
  • Press Execute and let the program do it’s job. (You ought to see a progress bar if you did this correctly.)
  • Wait for the complete script execution box to pop up and press OK.
  • Press exit to terminate the BFU program.
Reboot into normal windows and post the contents of Ewido text report that you saved and a new HiJackThis log.

#3 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 03 September 2006 - 01:01 PM

Ewido Text Report (Part One)
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:52:41 AM 9/3/2006

+ Scan result:



C:\Program Files\TrustIn Contextual -> Adware.Generic : No action taken.
C:\Program Files\TrustIn Contextual\TRUSTINCONTEXT.0LL -> Adware.Generic : No action taken.
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : No action taken.
C:\Program Files\Internet Optimizer\optimize.exe -> Adware.InternetOptimizer : No action taken.
C:\Documents and Settings\Rob\My Documents\hijackthis\backups\backup-20060518-234655-129.dll -> Adware.MediaMotor : No action taken.
C:\Documents and Settings\Rob\My Documents\hijackthis\backups\backup-20060901-211744-955.dll -> Adware.Softomate : No action taken.
C:\Documents and Settings\Rob\My Documents\hijackthis\backups\backup-20060901-211744-425.dll -> Adware.TrafficSol : No action taken.
C:\Program Files\Trust Cleaner -> Adware.TrustCleaner : No action taken.
C:\Program Files\Trust Cleaner\Quarantine -> Adware.TrustCleaner : No action taken.
C:\Program Files\Trust Cleaner\TCD.sys -> Adware.TrustCleaner : No action taken.
C:\Program Files\TrustIn Bar -> Adware.TrustCleaner : No action taken.
C:\Program Files\TrustIn Bar\bar.xml -> Adware.TrustCleaner : No action taken.
C:\Program Files\TrustIn Bar\trust.bmp -> Adware.TrustCleaner : No action taken.
C:\Program Files\TheSearchAccelerator -> Adware.UCmore : No action taken.
C:\Program Files\webHancer -> Adware.Webhancer : No action taken.
C:\Program Files\webHancer\whAgent_update.exe -> Adware.Webhancer : No action taken.
C:\Program Files\whInstall -> Adware.Webhancer : No action taken.
C:\Program Files\whInstall\whAgent.inf -> Adware.Webhancer : No action taken.
C:\Program Files\whInstall\whInstaller.ini -> Adware.Webhancer : No action taken.
:mozilla.30:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.31:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.79:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@hertz.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\det.MAINPC\Cookies\det@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@admarketplace[2].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@admarketplace[1].txt -> TrackingCookie.Admarketplace : No action taken.
D:\Documents and Settings\Jackie\Cookies\jackie@admarketplace[2].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.54:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.56:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.57:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.58:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@advertising[3].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.25:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.61:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.62:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.44:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Centrport : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@centrport[1].txt -> TrackingCookie.Centrport : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.32:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@e-2dj6wjmyqkajccq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.52:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.53:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt -> TrackingCookie.Goclick : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@ehg-inforspaceinc.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@ehg-knightridder.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@ehg-traderelectronicmedia.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@ivwbox[2].txt -> TrackingCookie.Ivwbox : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@sales.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.55:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.59:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@stat.onestat[2].txt -> TrackingCookie.Onestat : No action taken.
:mozilla.34:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.35:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.36:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.37:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.64:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.17:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.18:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@edge.ru4[2].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.60:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@anad.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@anad.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.51:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.49:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.50:C:\Documents and Settings\Rob\Application Data\Mozilla\Firefox\Profiles\o0iinzu5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Rob\Cookies\rob@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Jackie\Cookies\jackie@zedo[1].txt -> TrackingCookie.Zedo : No action taken.
C:\Uploads\Sagetvclient 2.2.8 cracked by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sagetvclient 2.2.8 repack cracked by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SaifuSaver 1.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sail Palm v2.4 PalmOS Cracked by BLZPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sail Simulator v4.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sailbase v1.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio 10.15.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio 10.1x GENERIC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio 10.5 CRK by FFF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio 11.20.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio v10.0.2 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio v10.17.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio v10.3 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint Studio v9.0 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v2.2.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v2.3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v2.3.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v2.4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v2.4.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Saint Paint v6.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sajer v1.0 by EPS Updated.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sajer v1.0 by Orion.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sakersoft All-Time Baseball v1.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sakhr Arabian Dictionary.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salamander v2.5 Beta 2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Assistant v1.0 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Expert v1.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Personality Inventory v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Program Manager v2.0 by TBE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Program Manager v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales Storm v3.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales and Contact Management v1.0.4 by ECLiPSE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Sales and Contact Management v1.0.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesExpert v1.6.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 01202004.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 06152005 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 09242004 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 09242004.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 12042003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 DC 12072004 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 Datecode 01202004 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 Datecode 07222004 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesNotes Enterprise v5.0 Datecode 07222004.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesTalk Enterprise v5.0.DC.0930.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesTax Mate v2.0.93 Regged by EXPLOSiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesTax Mate v2.0.93.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\SalesWarrior 2.3 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salesstream EPOS v19.18.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salfeld-Exe Passwort 2004 V7.114.0.0 GERMAN by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salfeld-Exe Passwort 2004 V7.114.0.0 GERMAN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salford-Systems CART v4.0 Pro.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salford-Systems CART4 MARS and others Generic Cracker.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salford-Systems CART4, MARS and others Generic Cracker.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salford-Systems MARS v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salo Storm Software Extreme Password Generator Pro v1.4 Retail.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon 2000 v4.02 Beta.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon 2000 v4.05.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon 2000 v4.06.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 4.3.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 4.3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 4.4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.0.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.05.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.1.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.1.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris 5.2.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris Professional 4.3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris WAN Package 4.3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.2.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.2.6 WiN2KXP by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.2.8 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.2.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.1 Regged by ARN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.2 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.3 WiN2KXP by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.3 WiN2KXP.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.4 WiN2KXP by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.4 WiN2KXP.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.4 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.5 Regged by ARN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.5 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.5 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.3.6 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v4.4.0 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.0.0 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.0.6 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.0.8 REPACK by BRD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.0.8 by BRD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.05 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.2.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v5.2.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon Iris v6.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Salon iris 1.3.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-COM PowerDesk Pro v 6.0.1.8 by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-COM PowerDesk Pro v 6.0.1.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com CD Anywhere 2.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com CD Anywhere 2.04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com CD Anywhere 2.50.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com System Commander v8.0 by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com System Commander v8.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Com System Commander v8.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Mobile Software Network Browser v1.2 XSCALE WM2003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.30 by BLiZZARD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.30.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.32.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.43 Spanish by BLiZZARD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.43 Spanish.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.43 by BLiZZARD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Planner v3.43.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-STACK v1.2.0.22 NFO Fix.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Scheduler v2.0.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Scheduler v2.1.x.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V-Scribe Systems Twang v3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V.I.P 4 Music v1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V.I.P 4 Musik v1.1 German.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V.I.P. 4 Music v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V12-DBE33 for Authorware.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V12DBE for Macromedia Director v3.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V12DBE for Macromedia Director v3.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V3mail 1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V3mail 1.21 Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V3mail 1.21 Serial.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V4 Customer Management System Professional 5.7.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\V8 Challenge NoCD Patch by BAT.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAC Builder Voice Activated Command v1.6.3 by YAG.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Alpha v0.80.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Alpha v0.81.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Alpha v206.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Alpha v206.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Alpha v206.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Multi Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM Release 208.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM v0.78 Beta.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAG-COM v311.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP Advanced Mail Processor v1.2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.3.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.4.0.0 by Crossfire.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.4.0.0 by Eminence.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.4.0.0 by PC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAMP v1.5.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS CCGLITE V6.3 by APOGEE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS CCGLITE V6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS DESIGNDOC V6.3 by APOGEE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS DESIGNDOC V6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS SIMULINK V6.3 by APOGEE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS SIMULINK V6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS V6.3 by APOGEE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS V6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS XT 661 V1.0 by APOGEE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAPS XT 661 V1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VASTNews v1.0.2 by FFF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VASTNews v1.0.2 by RP2K.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VASTnews v1.0.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VASTnews v1.0.8 by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VASTnews v1.0.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAZ 2010 v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VAZ Modular v3.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB 4 Decompile v4.11e.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB 4 Decompile v4.12e.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Advantage 6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Builder 1.3.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Builder 1.3.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Caretaker v1.01.0005 by EPS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Caretaker v1.01.0005.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Code Library 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Compress Pro 6.10.32.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Crash Shield v1.0.11 Patch by EViDENCE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Documentor 1.4.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Friend 2.05.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Guru 6.0.19.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB HTML Help Generator v1.0 for Visual Basic 6 by LUCiD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB HelpWriter Lite 4.2.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB HelpWriter Professional 4.2.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB IDE Macro Studio 1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Language Manager Pro 5.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Lister 3.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Lister 3.2.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Lister 3.3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net To C Sharp Converter v1.1.4002-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net To C Sharp Converter v1.1.4002.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net To C Sharp Converter v1.1.4003 by EMBRACE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net To C Sharp Converter v1.1.4003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1001 by ORiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1001.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1003 by ORiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1006 by ORiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1006.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1008 by ORiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1008-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1008.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1011-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.1011.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.4004 Regged-F4CG.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.1.4004 by EMBRACE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.2-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.3 by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C Sharp Converter v1.31 by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Net to C sharp Converter v1.52.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB PowerWrap v3.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Shaped Form Creator 5.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Shaped Form Creator 6.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Skinner Pro OCX v2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Skinner v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Source File Lister 3.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Source File Lister.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Watch 2.0.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Watch Suite 1.0.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Watch Suite 1.0.15.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Watch Suite 1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB Y2k.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter 1.42.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.0049 by LOCKLESS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.0049.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1001 READ NFO-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1001.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1005 READ NFO by LOCKLESS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1005.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1012 by LOCKLESS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.1012.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.3003 by LOCKLESS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB dot Net to C sharp Converter v1.1.3003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB-Build v2.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB-Build v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB-Build v2.7.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB-PowerWrap v3.0b.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB-Pro Binary File Object v1.0.33.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB.Net to C Sharp Converter v1.1.1001.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB.Net to C Sharp Converter v1.1.1011.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB.Net to C Sharp Converter v1.1.4003.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VB.Net to C# Converter 1.1.1012.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBA Key v6.5.918.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBA Recovery 2005.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBA6.5.918 by CHiCNCREAM.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAPlus 97.2 by AmoK.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint for Visual Basic Applications (VBA) 6 v6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint for Visual Basic Applications (VBA) 6 v6.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint for Visual Basic Applications VBA 6 v6.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint for Visual Basic Applications VBA 6 v6.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint v6.10.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint v6.10.5 by FHCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint v6.10.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint v6.11.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAcodePrint97 v1.1.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBAssist 5.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBCodeLibrary 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBDoc 2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBFriend 2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGUARD 2.3+.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize ActiveX Control v2.0 by Concept.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize ActiveX Control v2.0 by SnD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize ActiveX v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize Control v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize Pro ActiveX v3.3.0.3 by DSi.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBGold ActiveResize Pro ActiveX v3.3.0.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBIndent 6.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBOWatch 1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBOWatch Protector v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBScodePrint v1.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBScodePrint v1.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBShapeFormCreator v6.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBcodePrint for Visual Basic 5 v5.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBcodePrint for Visual Basic 6 v6.16.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBcodePrint for Visual Basic 6 v6.20.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBcodePrint for Visual Basic 6 v6.23.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBcodePrint for Visual Basic 6 v6.23.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBeXpress 2000 v3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBeXpress Lite 3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBeXpress Suite 2000 v3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBeXpress.Net v2.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBergman Cafe Manager Pro 3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBox 4.0,4.02,4.03 Protected Software.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBox 4.03 DLL for VBox Protected Software.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBox 4.03 Protected Software.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBox 4.10 Protected Software Universal Patcher.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBtransFORM 1.01 by PC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBtransFORM 1.01 by PSC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBtransFORM 1.01 by TEX.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBtransFORM 1.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VBulletin v2.3.3 PHP SpyFixed-DSL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VC Backup 1.11.356.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCD Burner ActiveX Control v1.0-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCD7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCut Pro v4.12 Fixed.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCut Pro v4.12 Updated by TSRH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCut Pro v4.12 Updated.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCut Pro v4.12.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCutter Pro v4.13.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCutter v4.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCutter v4.04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCutter v4.11 for WinXP.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDCutter v4.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCDImager ActiveX Control v1.0-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCI Roll Ratio v5.1 build 2.1125.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCL Zip 2.21.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCL Zip 2.23.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.25 for Delphi 5 6 7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.25 for Delphi 5, 6, 7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.4 for Delphi 5 6 7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.4 for Delphi 5, 6, 7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLSkin v2.45 for Delphi v5.6.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCLZip v2.23 for Delphi 6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM AutoSave v2.0.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM AutoSave v2.0.12.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Final Bid v2.72.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Fix-It Utilities Professional v6.0.1.2 READ NFO by iNFECTED.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Fix-It Utilities Professional v6.0.2.3 Retail.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Fix-It Utilities.Professional.v6.0.1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Partition Commander v9.01 by FOSI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Partition Commander v9.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM Partition Commander v9.02 RETAIL FRENCH by BS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM PowerDesk Pro 6.0.1.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM PowerDesk Pro 6.0.3.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM PowerDesk Pro v6.0.3.4 by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM System Commander v8.10 by TSZ.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM System Commander v8.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM System Commander v8.13 by TSZ.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM SystemSuite Pro 6.0.1.4.retail.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCOM SystemSuite Pro v6.0.1.4 retail by FOSI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCR Plus 1.2 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCR Thing 1.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Picture Searcher 1.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Picture Searcher 1.78.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicman's Submass 2.41.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans EmailEra v3.22.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Photo Editor 5.68.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Picture Searcher 1.56.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Submass 2000.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Submass 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Submass 4.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Submass 4.7 by Laxity.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCW Vicmans Submass 4.7 by TCA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VCX System Startup Master v1.0.57.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VClock 2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDB 2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDE Directory Suite v2.0.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v1.2 by Maniacs.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v1.2 by TCA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v1.4.2 Cracked by iPA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v1.4.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v2.0 Regged by FFI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v2.0.1 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v2.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDOSun v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDRIVE v1.00.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDS Twister v6.5 by ENFUSiA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDU Tachograph 2.0c by PC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDU Tachograph 2.0c by PGC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VData v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDial Pro 4.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VDialPro v4.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VECTORC C Compiler v1.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEDIT v6.10.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEDIT v6.11.1 by RP2K.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEDIT v6.11.1+.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEDIT v6.15.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEGAS MAKE IT BIG V1.11 PLUS 3 TRAINER by DEViANCE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEdit 6.13.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VEdit Plus 32-Bit 5.15.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Manager 1.00 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus 1.3.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus International v1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.3 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.4 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.4.1 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.5.1 by Futurity.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.5.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.6 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.7 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.2.8 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vacation Rental Tracker Plus v1.3.0 by ViRiLiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vale Software Audio Studio v1.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vale Software Audio Studio v2.1.3 by TSZ.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vale Software Audio Studio v2.1.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vale Software Audio Studio v2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valentine Cards.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valentine Keyboard v1 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valentine Slots 2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valentine Slots.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Validate Form Extension for Dreamweaver MX.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\ValisCam v1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valkyrie 5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valkyrie The Magical Odyssey Trainer +9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valkyrie The Magical Odyssey Trainer 9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valor Enterprise 3000 v7.2.4 Cracked by iNFECTED.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valor Enterprise 3000 v7.2.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Valor Genesis v8.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Value Trend Indicator Win9 v5.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vamp3Player 2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vamp3Player v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vamp3Player v2.1 German by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vamp3Player v2.x German.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vampent vNes v1.5 S60 SymbianOS Cracked by HeXPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vampire The Masquerade - Redemption v1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vampire The Masquerade Bloodlines 3CDs(PC) elitewebt3 passworded rar.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dale 2001.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dale Groot Woordenboek der Nederlandse Taal v1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dale v1.1 Plus.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dyke CRT v4.0.9.460.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dyke Entunnel v1.0.8.259.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dyke SecureCRT v4.0.9.460.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Van Dyke SecureFX v2.1.8.140.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanBasco's MIDI Player v2.02.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDale Woordenboek v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.10 Cracked-HS ZI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.6 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.8 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke AbsoluteFTP v2.2.9 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.0.9.460 And Patch by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.10 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.11 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.8 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.9 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v4.1.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v5.0 BETA5 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v5.0 BETA7 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke CRT v5.0.0.992 Cracked by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke Entunnel v1.0.8.259 And Patch by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke Entunnel v1.1.2 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke Entunnel v1.1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureCRT v4.0.9.460 And Patch by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureCRT v4.1.9 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureCRT v4.1.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.1.8.140 And Patch by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.6 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.7 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.8 by RECOiL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanDyke SecureFX v2.2.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanMail v1.0.79 Cracked by HERETiC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VanMail v1.0.85 Cracked by iNFECTED.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vandyke Entunnel v1.0.8.259.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vandyke SecureCRT v4.1.10.292 by PH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionPro Developer v4.0.24 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionPro Developer v4.0.24.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionPro Developer v4.1.0 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionScript Author v4.0.23 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionScript Author v4.0.24 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionScript Author v4.0.24.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard DecisionScript Author v4.1.0 by AGAiN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vanguard Xenox Signature Soundbank vol 1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VarIP 2005 v3.4 GERMAN by TBE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VariCAD v9.0-2.2 for Fedora Core Linux 1.0 by PARADOX.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\VariCAD v9.0-2.2 for Mandrake Linux 10.0 by PARADOX.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\U

#4 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 03 September 2006 - 01:03 PM

Ewido Text Report (Part Two)

C:\Uploads\Vehiculos Domestica v1.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vehiculos Profesional v1.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Vehiculos Profesional v1.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y Expenses v1.1 PalmOS Cracked by BLZPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y Groups Extractor 1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y Tunnel Pro v1.3 build 264.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y Tunnel Pro v2.34.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y!Tunnel Pro Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y!Tunnel Pro v1.2 build 222.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y!Tunnel Pro v1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Y-Tunnel Patch.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS (Yet Another Port Scanner) 1.2 by RAC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS (Yet Another Port Scanner) 1.2 by TNT.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS (Yet Another Port Scanner) v1.2 by IQhigh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS (Yet Another Port Scanner) v1.2 by RAC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS (Yet Another Port Scanner) v1.2 by TNT.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAPS v1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YASA VOB to MPEG Converter v3.2.36.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YASAsoft MPEG-AVI 2 VCD-DVD-SVCD-MPEG-AVI Converter v2.4 35.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YASP 1.5 (Yet Another Sticky note Program).zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATL 3.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v7.5.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v7.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v8.0.13.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v8.1.15.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v8.1.17.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v8.1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YATS32 v8.6.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAW 3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAW v3.5 Keygen by MP2K.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAW v3.5 by MP2K.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAW v3.5 by TSRH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YAW v3.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YDP Dictionary v2.1.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YENC POWER POST build 3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YESIR v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YESolo on the Keyboard v8.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YO! 1.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YPLog v4.26.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YPlog v4.36.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YPlog v4.39.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YPlog v4.48.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Editor 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v3.0.3 NEW.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v3.0.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v3.5.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v4.0 Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v4.0 Serial by DiLJaLe PK.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTS Words Suite v4.0 Serial by PC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YTSEditor 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaeger 1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yagoon Time Pro 2.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahee v1.02 ALL PPC by COREPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo Message Archive Decoder v3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo Messenger Patch.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo Pool Aimer v0.9.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo booter.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo pool aimer 0.9.0 crack by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo pool aimer 0.9.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahoo pool aimer 0.9.1 crack by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YahooBin v1.03 Cracked by ARN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YahooBin v1.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahooo locker.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YahtC Dice Game v2.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahtzee for PalmOS v1.20 HiRes for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahtzee for palm os 1.20 hires cracked prc by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yahtzee v1.20 PalmOS Regged by BLZPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yak v2.1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yak v2.1.2 build 18.08.04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yak v2.1.2 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yak v2.1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yak!v 2.1.1 patch.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yakapdf v1.0 FRENCH by BS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yakumo QuickStick DVB-T Program.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex Colored ScrollBars 1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex Colored ScrollBars 1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex Colored ScrollBars v1.1 Regged by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex Colored ScrollBars v1.1-SPK100.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex JSFactory PopUp 4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex JSFactory PopUp v4.0 Regged by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex JSFactory Pro 2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex JSFactory Pro v2.0 Full.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex JSFactory Pro v2.0 Regged by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex PopUp 3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex PopUp v3.0 Full.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex StatusTitle Maker 4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex StatusTitle Maker 5.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex StatusTitle Maker v4.0 Full.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yaldex StatusTitle Maker v5.0 Regged by ACME.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam 2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam v2.1.0 by DBC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam v2.1.0 by DSI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam v2.1.0 by WKT!.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yam v2.3 Multilanguage.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yama'ZzZ Door'ZzZ v2.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha FS1R Editor 1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha S-YG20 Player.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha S-YXG 100 v1.02.51.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha S-YXG50 v3.0 and S-YXG100 v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SVQbatch v2.60b1 RC6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoftSynth YXG100 PLUS 1.0.16.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoftSynthesizer S-YXG50 v1.17.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ Batch v2.54b2 RC5-5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ Encoder 2.54b1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ Encoder 2.54eb2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ Encoder 2.60b3e.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ Encoder v2.60b1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamaha SoundVQ.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamb Simulator 2000 v1.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yamp v1.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Flash Desktop v1.0 by SCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Flash Desktop v1.0.0 CRK by FFF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.8.4.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.8.5.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.8.5.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.8.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.86.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.86.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.87.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft Manager v4.87.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager 4.90.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager 4.95.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.4.2 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.5 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.5.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.5.2 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.5.2 by Core.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.8.5.2 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.86.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.86.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.86.2 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.86.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.87 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.87.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.88 WinXP by SCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.88.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.89 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.89.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.89.2 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.90 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.90.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.90.2 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.91 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.92 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.92.1 WinXP by CORE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yanicsoft WinXP Manager v4.96.2 WinXP.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YantraMaker v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yards to Metres v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yards to metres 1.0 by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Audio Video Data CD Burner 4.2.0074 Working by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Audio Video Data CD Burner 4.2.0074 Working.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Audio Video Data CD Burner v4.2.0074 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Audio Video Data CD Burner v4.2.0074.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Magic DVD Ripper V3.2.0069 Working by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Magic DVD Ripper V3.2.0069 Working.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Magic DVD Ripper v3.2.0069 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Magic DVD Ripper v3.2.0069.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter V2.4.0058 Working by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter V2.4.0058 Working.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter v2.4.0058 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter v2.4.0058.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter v2.4.0064 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YasaSoft Video Converter v2.4.0064.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yasasoft Audio Video Data CD Burner v4.2.0078 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yasasoft Audio Video Data CD Burner v4.2.0078.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yasasoft Video Converter v2.4.0061.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yasasoft Yasasoft Video Converter v2.4.0061 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yasasoft Yasasoft Video Converter v2.4.0061.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YavSoft.Alive!.Icons.1.4.And.1.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Ycopy v1.0a.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Ydoc Quiz Generator v1.00.0326.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YeahPlayer v2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YeahPlayer v2.4.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YeahPlayer v2.5 build 10508.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YeahPlayer v2.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Year At a Click 3.15.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YearBooker Studio v1.0 Cracked by CTi.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.01.105.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 116 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 116 by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 118 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 123 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 123.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 128 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 128 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 128.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c 134 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c by SCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.113.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.123.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.128 by Futurity.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.128 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.128.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Pages Super Grabber v2.02c.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yellow Sticky v5.06.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YellowView 2.x.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power Post A and A v11B 21-03-04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power Post-A and A v11B 21-03-04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post A and A v10c.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post A and A v11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post A and A v11b French.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post A and A v11b by Unknown.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post A and A v11b.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc Power-Post-A A v10C 09-11-03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yenc-Post 2002 v1.02.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YencPowerPost A and A v11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yesubet Search And Replace v1.3.4.236.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yeware CD To MP3 Maker v1.21.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YiShow Explorer v6.11 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YiShow Explorer v6.12 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YiShow Explorer v6.2 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YiShow Explorer v6.21 Multilanguage PalmOS Cracked by CSCPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yifosoft Smtp Scaner v1.32.2 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin And Yang v1.06 by Eclozion.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin and Yang v1.06 by DBC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin and Yang v1.06 by Eminence.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode CheckUP 1.0.3.for.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode CheckUP v1.0.3 for Adobe Illustrator by SCOTCH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode Toolbox v2.5 for Illustrator by SCOTCH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode Toolbox v2.5 for Illustrator.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode Toolbox v3.0.1 for Adobe Illustrator by SCOTCH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yin4Yang Barcode Toolbox v3.5.2 for Adobe Illustrator by SCOTCH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yinyang v1.01 PLUS 1 TRAINER by PiZZA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer 6.12 for palmos cracked prc by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer 6.12 for palmos.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer 6.2 english for palmos cracked prc by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer 6.2 english for palmos.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer english 6.11 for palmos cracked prc by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yishow explorer english 6.11 for palmos.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yo Momma Jokes v1.0 ALL PPC Regged by COREPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.11 Cracked by DUST.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.2-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.3 Patch by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.7 Cracked by DUST.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.7.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.8 Cracked by DUST.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Audio Recorder v1.3.8.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioBlock Edit v1.0.1 Cracked by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioBlock Edit v1.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioMagic v2.41.0 Cracked by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioMagic v2.41.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioMagic v2.41.1-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioMagic v2.41.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioRecorder v1.3.1 Cracked by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen AudioRecorder v1.3.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.0 by EVC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.0 by LasH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.0 by WKT!.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.10 by ICI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.10 by IMS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.10 by LasH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.10 by Laxity.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v1.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v2.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v2.0.2 Cracked by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v2.0.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v2.0.3 Cracked by EiTheL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen File Splitter v2.0.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover 2.0 Patch.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.0 Serial by EVC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.0 Serial by LasH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.0 Serial by TCA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.00 Patch by Emience.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.00 Serial by DBC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.00 Serial by Emience.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.07 NEW.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.07 by IMS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v1.07.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.0.1 by diablo2oo2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.10-Lz0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.11 Cracked by DUST.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YoGen Vocal Remover v2.x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen Audio Recorder v1.2 Cracked by NiTROUS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen File Splitter v1.10.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen Vocal Remover 1.07.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen Vocal Remover v1.00 Patch by KDK.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen Vocal Remover v1.07 by KDK.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yogen Vocal Remover v2.0.0.1 by LasH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.04.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.07.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.09 Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.09 Serial.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.11.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.12.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.13.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.14 bY TNT.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.14 by Eclipse.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.14 by Eminence.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.15.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.17 NEW.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.17.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.18.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.19.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.20.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.24 Keygen Only-UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.24 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.24 by UCF2000.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.24.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.25 by FUTURiTY.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.25.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yonc v1.26 by EXPLOSiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yoodoo v1.0 Cracked by UnderPl.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yoodoo v1.0 DateCode 03252005 by DIGERATI.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yosemite Backup Advanced 8.10.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 1.0.0.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 2001 v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 2001 v1.01.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 2001 v1.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You Find Words! 2001.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\You ve Got Mail v1.2.1008 Cracked by BRD.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YouRNControl 1.2 Keygen.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YouRNControl 1.2 Serial.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YouRNControl 1.4.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YouRNControl 1.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Youngzsoft CCProxy v6.2 by HAZE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Youngzsoft CMailServer v3.30.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Youngzsoft CMailServer v5.0 by ECLiPSE.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Birthday News 3.01 SERIAL by FFF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Birthday News v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Birthday News v2.1.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Own ScreenSaver v1.12 Regged by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Personal Catalogue v1.0.07.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2003 v3.2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2003 v3.3.0.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2003 v3.9.370.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 Pro v3.9.516 Cracked by iNFECTED.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 Pro v3.9.516 by TSRH.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 Pro v3.9.516.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 Pro v3.9.517 by UCF.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 v3.9.516 Silent Update.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 2004 v3.9.516.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller 3.2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller v2.00.245.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller v2.3.3.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller v2.3.4.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller v3.2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller! 2003 v3.8.1 by diablo2oo2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller! 2006 5.0.0.206.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller! 2006 Pro 5.xx.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller! v2.0.0.245.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller!2003 V3.3.0.23.Fixeed.Exe.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your Uninstaller!2003 V3.X.Generi.2Nd.Update.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your uninstaller 2003.3.2.1.0 crack by rev.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your uninstaller 2003.3.2.1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Your uninstaller 2004 pro 3.9.516 loader by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.02 by AmoK.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.02 by Eminence.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.1 by KomA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.1 by TNT.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSiteUp Pro v3.21.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSoft FileTimeEdit 2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSoft Hyper Calendar v2.03.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSoft MessengerLog v3.06.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourSoft.Time.Edit.2.05.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourStamp v1.1 Cracked READ NFO by HS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourTris v1.01 by DBC.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YourTris v1.01 by MaTHieU.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Ytunnel pro 2.0 362.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yu Gi Oh Power Of Chaos Yugi The Destiny v2.0 plus 1 TRAINER.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yu-Gi-Oh Power of Chaos 4 Versions.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yu-Gi-Oh Power of Chaos Trainer.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yu-Gi-Oh Power of Chaos by DABhand.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yu-Gi-Oh Power of Chaos.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YuSuF2s CeNTeR HaCk ProGRaMs.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yua Aida v2.10 ARM PPC by COREPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yudoku 1.0.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yugi The Destiny v2.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon on the Palm v1.30 PalmOS Cracked by TBEPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon on the Palm v1.31 PalmOS Cracked by TBEPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon on the Palm v1.34 PalmOS Regged by BLZPDA.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-Palm v1.0 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-Palm v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-Palm v1.2 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-Palm v1.22 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-palm 1.22 cracked prc by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yukon-on-the-palm 1.37 palmcr.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yuletide Scenes ScreenSaver v5.0.1.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YumZee v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yummy Puzzle v1.04 by EXPLOSiON.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yuri's Revenge All Version No-CD Cheat by CSB.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yurist Baza v2.1 build 546 Russian.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yurist assistent 4.1 russian self by rev.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yurist baza 2.1 build 546 rus crack by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yurist raschet expert 3.1 russian crack by rev.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\YuristAssistent v4.0 Russian.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\Yuristassistent 4.0 rus crack by tsrh.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\g3Bay v1.0.4.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\gameSpace Light v1.5.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\s25 once v2.0.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\s25@once 2.3.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\s25@once! 1.3.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\s25atonce v2.0.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin Board v2.3.3.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.0 PHP Retail SpyFixed.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.0 PHP3 Retail SpyFixed.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.2 php3 SpyFixed by ECN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.2 php4 SpyFixed by ECN.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.4 by DOM.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.4 by FOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.5 Retail.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v2.3.0 PHP SpyFixed.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vBulletin v3.0.3 PHP NULL.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vCAD Viewer 3.2 rev C28.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vDHCP v0.10 by MP2K.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vDHCP v0.10 by Pandora.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vDHCP v0.6.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vDHCP v0.9.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vanBasco's MIDI Player 2.02.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vb4 AssetX5x.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vb4 SISISXP.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vb4 smartcountry2.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vb4 trx200.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\vbWizards v1.0.zip/setup.exe -> Trojan.Crypt.e : No action taken.
C:\Uploads\ylixir s Dimmer v1.0 for PalmOS.zip/setup.exe -> Trojan.Crypt.e : No action taken.


::Report end

#5 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 03 September 2006 - 01:05 PM

Hijack This Log

Logfile of HijackThis v1.99.1
Scan saved at 12:46:35 PM, on 9/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\netsecurity.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\crunner\cproc.exe
C:\Program Files\WinPortrait\floater.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rob\My Documents\hijackthis\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe, C:\windows\system32\liinr.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,veorcem.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {263DE88B-6B98-4E95-B2A6-D9E0F0A089C3} - C:\Program Files\MSN Gaming Zone\pohebota.dll (file missing)
O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\windows\system32\nsa57.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\windows\system32\WinNB58.dll (file missing)
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\windows\system32\WinNB58.dll (file missing)
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sys043788] C:\windows\sys043788.exe
O4 - HKLM\..\Run: [uqje4ddf] RUNDLL32.EXE w008bfed.dll,n 003e4ddc00000003008bfed
O4 - HKLM\..\Run: [loaddr] C:\topaff.exe
O4 - HKLM\..\Run: [adstart] "iexplore.exe" "http://iesettingsupdate"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [cprocsvc] C:\windows\system32\crunner\cproc.exe
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\nwinrpex.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\windows\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\windows\system32\dmonwv.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346F99} - (no file)
O20 - Winlogon Notify: SharedDLLs - C:\windows\system32\lsnkinfo.dll (file missing)
O20 - Winlogon Notify: ShellScrap - C:\windows\system32\szhannel.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: .NETSecurity - Unknown owner - C:\windows\system32\netsecurity.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\windows\gevxaps.exe (file missing)

#6 kairis

kairis

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:06:57 PM

Posted 04 September 2006 - 02:30 AM

Hello sloooowpc, thanks for the logs.

Step 1:
Save these instructions in word or notepad to the desktop where they can be easily found.
Step 2:
Please rescan Ewido in safemode:reboot your computer into Safe Mode
Step 3:
Please start Ewido.

Click on Scanner on the toolbar.
Click on the Settings tab.
Under How to act?
Click on Recommended Action and choose Quarantine from the popup menu.
Under How to scan?
All checkboxes should be ticked.
Under Possibly unwanted software:
All checkboxes should be ticked.
Under Reports:
Select Automatically generate report after every scan and uncheck Only if threats were found.
Under What to scan?
Select Scan every file.
Click on the Scan tab.
Click on Complete System Scan to start the scan process.
Let the program scan the machine.
When the scan has finished, follow the instructions below.
IMPORTANT : Don't click on the "Save Scan Report" button before
you did hit the "Apply all Actions" button.

Make sure that Set all elements to: shows Quarantine
if not click on the link and choose Quarantine from the popup menu.
At the bottom of the window click on the Apply all Actions button
When done, click the Save Scan Report button.
Click the Save Report as button.
Save the report to your Desktop.
Right-click the Ewido Tray Icon and select Exit. Confirm by clicking Yes.
Step 4:
Reboot in Normal Mode.
Step 5:
In your next reply, please include the following logs: Ewido and Fresh Hijackthis, Thanks.

#7 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 04 September 2006 - 01:27 PM

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:59:28 PM 9/4/2006

+ Scan result:



C:\Documents and Settings\Sam\Cookies\sam@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@ehg-ifilm.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Sam\Cookies\sam@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).


::Report end



Logfile of HijackThis v1.99.1
Scan saved at 1:22:28 PM, on 9/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\netsecurity.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\windows\Explorer.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Rob\My Documents\hijackthis\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe, C:\windows\system32\liinr.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,veorcem.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\windows\system32\nsa57.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346F99} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: .NETSecurity - Unknown owner - C:\windows\system32\netsecurity.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

#8 kairis

kairis

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:06:57 PM

Posted 05 September 2006 - 01:27 AM

Hi.

Step 1:
I need to see a different type of log from Hijackthis
Run Hijackthis.
Click on "Open the Misc Tools section".
Next click on "Open uninstall manager".
Press the button 'save list'. It will open a Notepad file.
Place the content of that file here in your in your next reply.

Step 2:
With all other windows closed, start your HijackThis and Click "Do a System Scan Only"
Click in the check-box to the left of each of the following entries, if found:
F2 - REG:system.ini: Shell=Explorer.exe, C:\windows\system32\liinr.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,veorcem.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE27-738B1E346F99} - (no file)

Select Fix Checked

Step 3:
Please download Combofix to your desktop.
Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Edited by kairis, 05 September 2006 - 04:08 AM.


#9 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 05 September 2006 - 09:35 PM

123 Flash Compressor V1.30
123 Flash Menu v1.6.4
Adobe Acrobat 5.0
Adobe Photoshop 7.0
ATI Display Driver
ATI Multimedia Center
Avanquest update
BitDefender 9 Professional Plus
BlackBerry Desktop Software 4.1
BlackBerry Desktop Software 4.1
BlackBerry v4.0.2 for the 7200 Series Wireless Handheld
CCleaner (remove only)
CDCheck
Command
Creative Audio Console
DivX Codec
DivX Player
Enhanced Browser Overlay
ewido anti-malware
ewido anti-spyware 4.0
forteManager
FTDI USB Serial Converter Drivers
Full Tilt Poker
Generic 6-in-1 USB Card Reader Driver v1.8b
GUIDE PLUS+™ for Windows® System
HijackThis 1.99.1
Homescan Internet Transporter
Hoyle Board Games 5
Hoyle Card Games 5
Hoyle Casino 6
hp deskjet 5600
HP Memories Disc
HP Photo and Imaging 2.0 - Deskjet Series
hp print screen utility
Intel® PRO Network Adapters and Drivers
IOGEAR Bluetooth Software
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Kaspersky On-line Scanner
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash Player 8

#10 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 05 September 2006 - 09:44 PM

Sam - 06-09-05 21:38:47.84
ComboFix 06.09.04BT - Running from: C:\Documents and Settings\Sam\Desktop

Microsoft Windows XP [Version 5.1.2600]

((((((((((((((((((((((((((((((((((((((((((((( Qoologic's Log )))))))))))))))))))))))))))))))))))))))))))))))))))


* * * POST-RUN - Files in the Quarantine folder * * * * * * * * * * * * * * * * * * * * * * * * *



DO NOT DELETE ANY FILES FROM THIS DIRECTORY UNLESS INSTRUCTED TO


((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\Sam\Application Data\Sskknwrd.dll
C:\Documents and Settings\Sam\Application Data\Sskuknwrd.dll
C:\Documents and Settings\Sam\Application Data\Sskcwrd.dll
C:\Documents and Settings\Sam\Application Data\Sskdmns.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\teller2.chk
C:\windows\system32\aaa00000.dll
C:\windows\system32\aaa00000.sys
C:\windows\system32\adrot-uninst.exe
C:\windows\system32\bszip.dll
C:\windows\system32\tsuninst.exe
C:\windows\justin.exe
C:\windows\system32\atmtd.dll
C:\windows\system32\atmtd.dll._
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\Deskbar
C:\windows\system32\crunner
C:\Program Files\Common Files\{00000ECC-0AF6-1033-0515-030304110001}


((((((((((((((((((((((((((((((( Files Created from 2006-08-05 to 2006-09-05 ))))))))))))))))))))))))))))))))))


2006-09-05 10:52 78,848 --a------ C:\WINDOWS\system32\nss5.dll
2006-09-01 20:57 186,219 --a------ C:\WINDOWS\srvnodrxba.exe
2006-09-01 20:57 126,976 --a------ C:\WINDOWS\system32\ieserv.exe
2006-09-01 20:57 115,160 --a------ C:\WINDOWS\Eim03.exe
2006-09-01 20:56 930 --a------ C:\WINDOWS\system32\winpfg32.sys
2006-09-01 20:56 61,952 --a------ C:\WINDOWS\system32\uqje4ddf.dll
2006-09-01 20:56 215,308 --a------ C:\WINDOWS\srvzzvfcwn.exe
2006-09-01 20:56 186,223 --a------ C:\WINDOWS\srvwoqgzlz.exe
2006-09-01 20:56 1,233 --a------ C:\WINDOWS\system32\uqje4ddf.sys
2006-09-01 20:55 48,190 --a------ C:\WINDOWS\RDFX4.exe
2006-09-01 20:53 7,168 --a------ C:\WINDOWS\system32\netsecurity.exe
2006-09-01 20:53 117,760 --a------ C:\WINDOWS\system32\authnet.dll
2006-08-11 23:12 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2006-08-11 23:12 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2006-08-11 23:12 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2006-08-11 23:12 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-01 22:16 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-01 21:15 76560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-08-23 15:12 -------- d-------- C:\Program Files\Mozilla Firefox
2006-08-22 23:26 -------- d-------- C:\Program Files\NokiaFREE Unlock Codes Calculator
2006-08-11 23:11 -------- d-------- C:\Program Files\HP
2006-08-11 23:11 -------- d-------- C:\Program Files\Hewlett-Packard
2006-07-27 08:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 03:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-15 01:03 -------- d-------- C:\Program Files\123 Flash Compressor
2006-07-12 02:17 -------- d-------- C:\Program Files\LimeWire
2006-07-11 22:51 230403 --a------ C:\WINDOWS\tpopup.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PivotSoftware"="\"C:\\Program Files\\WinPortrait\\wpctrl.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"HP Software Update"="\"C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe\""
"HPDJ Taskbar Utility"="C:\\windows\\system32\\spool\\drivers\\w32x86\\3\\hpztsb09.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"DeviceDiscovery"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="C:\\Program Files\\WinPortrait\\rypene.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\Common Files\\pomylyka.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,e1,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Bluetooth.lnk"
"backup"="C:\\WINDOWS\\pss\\Bluetooth.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\IOGEAR\\BLUETO~1\\BTTray.exe "
"item"="Bluetooth"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^forteManager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\forteManager.lnk"
"backup"="C:\\WINDOWS\\pss\\forteManager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\PORTRA~1\\FORTEM~1\\DTHtml.exe -startup_folder"
"item"="forteManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HotSync Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\HotSync Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\palmOne\\Hotsync.exe -logon"
"item"="HotSync Manager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^palmOne Registration.lnk]
"path"="C:\\Documents and Settings\\Rob\\Start Menu\\Programs\\Startup\\palmOne Registration.lnk"
"backup"="C:\\WINDOWS\\pss\\palmOne Registration.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\palmOne\\register.exe /remind /language=EN /PRNM=\"palmOne\""
"item"="palmOne Registration"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ATI Launchpad]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ATI Scheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATISched"
"hkey"="HKCU"
"command"="C:\\Program Files\\ATI Multimedia\\main\\ATISched.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDMCon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bdmcon"
"hkey"="HKLM"
"command"="c:\\PROGRA~1\\softwin\\BITDEF~1\\bdmcon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDNewsAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bdnagent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdnagent.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDOESRV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bdoesrv"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDSwitchAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bdswitch"
"hkey"="HKLM"
"command"="\"C:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NMBgMonitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BluetoothAuthenticationAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="rundll32"
"hkey"="HKLM"
"command"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CTHELPER"
"hkey"="HKLM"
"command"="CTHELPER.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Disk Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Disk_Monitor"
"hkey"="HKLM"
"command"="C:\\Program Files\\Generic\\6-in-1 USB Card Reader Driver v1.8b\\Disk_Monitor.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Google Desktop Search]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleDesktop"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MegaPanel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HSTrans"
"hkey"="HKLM"
"command"="C:\\Program Files\\ACNielsen\\Homescan Internet Transporter\\HSTrans.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NWEReboot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
"XCOMM"=dword:00000002
"VSSERV"=dword:00000002
"RDSessMgr"=dword:00000003
"RasMan"=dword:00000003
"RasAuto"=dword:00000003
"IDriverT"=dword:00000003
"ewido security suite control"=dword:00000002
"bdss"=dword:00000002
"wuauserv"=dword:00000002
"Macromedia Licensing Service"=dword:00000003
"LIVESRV"=dword:00000002



Contents of the 'Scheduled Tasks' folder
C:\windows\tasks\HP DArC Task #Hewlett-Packard#deskjet5600#MY3883J1HC79.job

Completion time: Tue 09/05/2006 21:41:39.46
ComboFix.txt

#11 kairis

kairis

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:06:57 PM

Posted 06 September 2006 - 01:55 AM

Hello sloooowpc, thanks for the logs.
Could you post a fresh Hijackthis log. Thanks.

#12 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 06 September 2006 - 10:11 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:09:02 PM, on 9/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\netsecurity.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\windows\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\WinPortrait\floater.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Rob\My Documents\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: .NETSecurity - Unknown owner - C:\windows\system32\netsecurity.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\forteManager\dtsrvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

#13 kairis

kairis

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:06:57 PM

Posted 07 September 2006 - 01:47 AM

Hi sloooowpc, thanks for the logs.
Go ahead and uninstall Ewido if you wish, and delete Brute Force Uninstaller & alcanshorty.bfu.

You have still some crap there...
So, lets continue.

We need to Ewido Guard Realtime Monitor as it may interfere with the fixes that we need to make.
1. Open Ewido by double-clicking the yellow icon in the system tray.
2. In the 'Your security status' section, toggle the Ewido Guard realtime protection 'off' by clicking 'active' which will then change the protection status to 'inactive'.
3. When you reboot, Ewido will prompt you to "Restart the guard?".
4. Reply 'no' and set it to 'inactive' for the duration of your cleanup.
5. Don't forget to restart Ewido Guard Realtime Monitor when your computer is clean.

Step 1:
Please download SmitfraudFix
Extract the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd

Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool";
it is not a virus, but a program used to stop system processes.
Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.


Step 2:
Please download , extract it to your desktop. KILLBOX
Note: In the event you already have Killbox, this is a new version that I need you to download.
Save it to your desktop.
Double-click on Killbox.exe to run it.
Put a tick by Standard File Kill.
In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

C:\WINDOWS\system32\nss5.dll
C:\WINDOWS\srvnodrxba.exe
C:\WINDOWS\system32\ieserv.exe
C:\WINDOWS\Eim03.exe
C:\WINDOWS\system32\winpfg32.sys
C:\WINDOWS\system32\uqje4ddf.dll
C:\WINDOWS\srvzzvfcwn.exe
C:\WINDOWS\srvwoqgzlz.exe
C:\WINDOWS\system32\uqje4ddf.sys
C:\WINDOWS\RDFX4.exe

Click on the button that has the red circle with the X in the middle after you enter each file.
It will ask for confimation to delete the file.
Click Yes.
Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
Killbox may tell you that one or more files do not exist.
If that happens, just continue on with all the files. Be sure you don't miss any.
Exit the Killbox.
If your computer does not restart automatically, please restart it manually.
After rebooting, open up Killbox again. Click File -> Logs -> Actions History Log
Post this log in your next reply.

Step 3:
In your next reply, please include the following logs: Fresh Hijackthis, Killbox txt and Smitfraud report. Thanks.

#14 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 08 September 2006 - 12:31 AM

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SAM\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="C:\\Program Files\\WinPortrait\\rypene.html"
"SubscribedURL"=""
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\Common Files\\pomylyka.html"
"SubscribedURL"=""
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

#15 sloooowpc

sloooowpc
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 08 September 2006 - 12:37 AM

Pocket Killbox version 2.0.0.648
Running on Windows XP as Rob(Administrator)
was started @ Friday, May 19, 2006, 12:02 AM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\System32\irssyncd.exe


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 12:07:10 AM
Killbox Closed(Exit) @ 12:07:30 AM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as Sam(Administrator)
was started @ Friday, September 08, 2006, 12:22 AM

# 1 [Files to Delete]
Path = C:\WINDOWS\system32\nss5.dll
*This file does not seem to exist

# 2 [Files to Delete]
Path = C:\WINDOWS\srvnodrxba.exe
*File Was Deleted

# 3 [Files to Delete]
Path = C:\WINDOWS\system32\ieserv.exe
*File Was Deleted

# 4 [Files to Delete]
Path = C:\WINDOWS\Eim03.exe
*File Was Deleted

# 5 [Files to Delete]
Path = C:\WINDOWS\system32\winpfg32.sys
*File Was Deleted

# 6 [Files to Delete]
Path = C:\WINDOWS\system32\uqje4ddf.dll
*File Was Deleted

# 7 [Files to Delete]
Path = C:\WINDOWS\srvzzvfcwn.exe
*File Was Deleted

# 8 [Files to Delete]
Path = C:\WINDOWS\srvwoqgzlz.exe
*File Was Deleted

# 9 [Files to Delete]
Path = C:\WINDOWS\system32\uqje4ddf.sys
*File Was Deleted

# 10 [Files to Delete]
Path = C:\WINDOWS\RDFX4.exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users