Virus/ Spyware Maybe????
Junior Member
29. April 2006 @ 08:08
Here is the log file for HijackThis and I have no idea how to read it and tell good files from bad ones. I also need some info on the "svchost". I don't know if it's good to have.


Logfile of HijackThis v1.99.1
Scan saved at 12:08:02 PM, on 4/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1144697682\ee\AOLSoftware.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\a-squared\a2guard.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\TONYPA~1\LOCALS~1\Temp\Rar$EX00.391\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.afterdawn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Miniclip - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - C:\PROGRA~1\MINICL~1\MINICL~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Miniclip - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - C:\PROGRA~1\MINICL~1\MINICL~1.DLL
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1144697682\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Zone Labs] c:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: svchost.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} (Anark Client 3.0 ActiveX Control) - http://install.anark.com/client/version3/windows-ie/en/AMClient.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O20 - AppInit_DLLs: pushow15.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - C:\Program Files\KALiNKOsoft\Pinnacle Game Profiler\pinnacle_updater.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Senior Member
29. April 2006 @ 08:42
Hi

Do a search for this file, so you can get its path

pushow15.dll

And when you have found it, upload it to virustotal
http://www.virustotal.com/
Junior Member
29. April 2006 @ 08:57
That file was not found!!!

This message has been edited since posting. Last time this message was edited on 29. April 2006 @ 10:41

Senior Member
29. April 2006 @ 11:23
So you didn't find it or does virustotal's scanner say that?
Junior Member
29. April 2006 @ 11:46
I didn't find one on my computer. It was scanning hidden files and folders also, I made sure of that.
Senior Member
29. April 2006 @ 12:25
Download Ewido
http://www.ewido.net/en/download/
install and update, don't scan yet.

First, make a separate folder for HijackThis, for example C:\Hjt, and put it there. After that, disable or shut down WinPatrol and Spybot TeaTimer.

Then open HijackThis, do a system scan only and check these:

R3 - Default URLSearchHook is missing
O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll (file missing)


Close all open windows and click Fix checked.

After that restart your computer to safe mode by tapping the F8 button on boot.
http://www.pchell.com/support/safemode.shtml

There delete this file if found

C:\WINDOWS\->DLP.dll<-

After that do a full system scan with ewido and save the report.

Restart your computer back to normal mode and when in normal mode post a new HijackThis log and the report from ewido.
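
An added example, not part of the original thread: a small Python triage pass over a HijackThis log that flags the entry types this thread deals with (the R3 and file-missing BHO lines marked for fixing, the AppInit_DLLs value, and a copy of svchost.exe running from the Startup folder instead of System32, where the genuine Windows file lives). The rule names, the `SYSTEM32_ONLY` list and the log excerpt are choices made for this example; flagged lines are candidates to check, not verdicts.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "rule line")

# Constructed excerpt of the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe

R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: svchost.exe
O20 - AppInit_DLLs: pushow15.dll
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

# "R3 - ...", "O20 - ..." : section code, separator, free-form body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Assumption: Windows is installed in \WINDOWS or \WINNT on some drive.
SYSTEM32_RE = re.compile(r"^[a-z]:\\(windows|winnt)\\system32$")
# Assumed list for this example: names whose genuine copy lives in System32.
SYSTEM32_ONLY = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                 "csrss.exe", "smss.exe", "spoolsv.exe"}


def parse_log(text):
    """Split a HijackThis log into (running process paths, [(code, body), ...])."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if in_processes and line and not match:
            processes.append(line)
            continue
        in_processes = False  # a blank line or the first entry ends the list
        if match:
            entries.append((match.group(1), match.group(2)))
    return processes, entries


def triage(text):
    """Return Finding tuples for lines that deserve a closer look."""
    processes, entries = parse_log(text)
    findings = []
    for path in processes:
        folder, _, name = path.rpartition("\\")
        if name.lower() in SYSTEM32_ONLY and not SYSTEM32_RE.match(folder.lower()):
            findings.append(Finding("system-name-outside-system32", path))
    for code, body in entries:
        line = f"{code} - {body}"
        if code == "R3" and "URLSearchHook is missing" in body:
            findings.append(Finding("urlsearchhook-missing", line))
        elif code in ("O2", "O3") and body.endswith(("(file missing)", "(no file)")):
            findings.append(Finding("bho-file-missing", line))
        elif code == "O4" and body.startswith(("Global Startup:", "Startup:")):
            # Startup-folder item: the name before " = " is the file or shortcut.
            item = body.split(":", 1)[1].split(" = ")[0].strip()
            if item.lower() in SYSTEM32_ONLY:
                findings.append(Finding("startup-system-name", line))
        elif code == "O20" and body.startswith("AppInit_DLLs:"):
            # Any DLL listed here is loaded into every process that loads user32.dll.
            if body.split(":", 1)[1].strip():
                findings.append(Finding("appinit-dll", line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.rule:32} {finding.line}")
```
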
Junior Member
29. April 2006 @ 15:28
ok, below are the hjt and ewido reports. Thank you very much


Logfile of HijackThis v1.99.1
Scan saved at 7:24:35 PM, on 4/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Common Files\AOL\1144697682\ee\AOLSoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\a-squared\a2guard.exe
C:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.afterdawn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1144697682\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Zone Labs] c:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} (Anark Client 3.0 ActiveX Control) - http://install.anark.com/client/version3/windows-ie/en/AMClient.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O20 - AppInit_DLLs: pushow15.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - C:\Program Files\KALiNKOsoft\Pinnacle Game Profiler\pinnacle_updater.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe




---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 7:17:58 PM, 4/29/2006
+ Report-Checksum: 3E9B2A2

+ Scan result:

HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer -> Adware.Screensavers : Ignored
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer\CLSID -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer\CurVer -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer.1 -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller\CLSID -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller\CurVer -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller.1 -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} -> Adware.WebDir : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScreensaversInstaller -> Adware.Screensavers : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows TaskAd -> Adware.WinTaskAd : Cleaned with backup
HKLM\SOFTWARE\Windows TaskAd -> Adware.WinTaskAd : Cleaned with backup
HKU\S-1-5-21-1547161642-839522115-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6001CDF7-6F45-471B-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-1547161642-839522115-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Cleaned with backup
HKU\S-1-5-21-1547161642-839522115-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6001CDF7-6F45-471B-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-1547161642-839522115-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} -> Adware.WebDir : Cleaned with backup
[880] C:\WINDOWS\system32\pushow15.dll -> Hijacker.Agent.hi : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Tony Parenti\Application Data\Mozilla\Firefox\Profiles\63xw82q5.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Tony Parenti\Cookies\tony parenti@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\Limewire shared\The Sims 2 Pc Game.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Air Offensive.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Alive MP3 WAV Converter v1.6.8.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Apollo Versatile Burner v1.2.5.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Championship Manager 4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Descrabblizer v1.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\FlashEnjoy Professional v4.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Installer2go v3.2.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Linx v5.02.336.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\MiLoPhoto v2.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Nexagon Deathmatch.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\No1 DVD Ripper v1.3.22.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Onyx Ceph v2.6.37.445.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Rune Halls of Valhalla.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Topee CD Ripper v1.2.25.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\Tweak FX v4.01.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\WinAmp 5.01 FULL.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\WinZip 8.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\My Documents\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned with backup
C:\Documents and Settings\Tony Parenti\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned with backup
C:\Downloads\Games- patches- acessories\simGangsterSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup
C:\Downloads\Games- patches- acessories\ToughTrucks_Setup-dm[1].exe -> Adware.Trymedia : Cleaned with backup
C:\Downloads\Programes\enlightment @ zbrush pop code 16.rar/install.exe -> Hijacker.Agent.hi : Cleaned with backup
C:\Downloads\Programes\XP Smoker 4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Downloads\Programes\zbrush2 osx_zipped.zip/Self Extracting.exe -> Adware.Beginto : Cleaned with backup
C:\Program Files\Install Creator\Uninstal.exe -> Adware.EShoper : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{036BCBFE-765C-4EBC-AC00-4ECEFD2388A7}.txt/{036BCBFE-765C-4EBC-AC00-4ECEFD2388A7}.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{39794D53-1403-463A-8E47-F13B27D5ED5F}.txt/{39794D53-1403-463A-8E47-F13B27D5ED5F}.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{6DE6A64E-FA70-4B87-B99D-82A5111FFA0A}.txt/{6DE6A64E-FA70-4B87-B99D-82A5111FFA0A}.txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{78D951DE-E65F-445B-A67C-F65141DDE71C}.txt/{78D951DE-E65F-445B-A67C-F65141DDE71C}.txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{81044C63-D385-4818-86A8-9E111B4AE171}.txt/{81044C63-D385-4818-86A8-9E111B4AE171}.txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{AB5DE713-52CB-4D50-A899-E5B926BBCCA6}.txt/{AB5DE713-52CB-4D50-A899-E5B926BBCCA6}.txt -> TrackingCookie.Overture : Cleaned with backup
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{487AAE0A-5A33-4AF9-B32E-BAAC6FCEE909}\{D10FEC1C-BBE4-4370-81BA-1503C8318A1C}.txt/{D10FEC1C-BBE4-4370-81BA-1503C8318A1C}.txt -> TrackingCookie.Overture : Cleaned with backup
C:\Program Files\minicliptoolbar\minicliptoolbar.dll -> Adware.BHO : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\3D Home Architect Design Suite Deluxe v6.0 (2006).exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\3D World Studio v5.31.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Acronis Power Utilities 2005 7.0.614.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Acronis Privacy Expert Suite 8.0.748.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Active Desktop Calendar v3.2.040118.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Adobe Photoshop CS2 9.0 FinaL.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Advanced Uninstaller Pro 2004 6.73.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Ahead DVD Ripper 1.4.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Air Offensive.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Alive MP3 WAV Converter v1.6.8.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Amor Photo Downloader v1.5.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Amor SWF To Video Converter v2.3.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\AnyDVD 5.9.5.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\AnyDVD v5.9.4.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\AoA DVD Ripper v3.93.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Apollo Versatile Burner v1.2.5.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Ashampoo Burning Studio v6.01.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Ashampoo Magic Defrag 1.11.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ATI Tray Tools 1.0.2.685.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Autodesk 3D Studio Max 8 (2006).exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Autodesk Autocad 2007.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\AVI DivX to DVD SVCD VCD Converter v1.46.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Battlefield 1942.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Battlefield 2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\BlazingTools Perfect Keylogger v1.6.0.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Blubster 2.5.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\BoomBox Radio.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Camtasia Studio 2.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Championship Manager 4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Cheaper by the Dozen 2 (2005) DVDRip.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ChemStat v6.1 Unicode.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ChrisTV Professional 4.90.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Clean Disk Security v7.45.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\CloneCD 5.0.3.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ConvertXtoDVD v2.0.0.99.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\CopyToDVD 3.0.34.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\CopyToDVD v2.4.16.267.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Descrabblizer v1.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\DeviceLock v5.73.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Donkey Kong Rumble.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Download Accelerator Plus 7.4.0.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Download Accelerator Plus 8.0.6.7.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Download Internet Download Manager 4.04..exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Duke Nukem Manhattan Project.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Easy DVD CD Burner 3.0.71.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Easy DVD CD Burner v3.0.51.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Easy Mail v3.1.34.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\EditPad Pro v5.4.6.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Elcomsoft Password Recovery Studio 2006 Retail.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Empire Earth.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Fengtao DVDFab Platinum v2.9.7.5.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\File King v2004.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\FlashEnjoy Professional v4.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\FlashGet v1.65.1 Full.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Focus Photoeditor 4.1.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\GFI LANguard Network Security Scanner.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Global DiVX Player.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Gridiron Nuleo v1.0.5 for After Effects.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Ground Control 2 Operation Exodus.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Hair DVDRip Divx 1979.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Hex Workshop 4.22.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Hex Workshop v4.20.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Hide IP v1.63.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ICQ Lite build 1305.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ICQ Lite.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Indiana Jones and The Fate of Atlantis.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Infernal Affairs Trilogy 2004 Chronological Edition DVD.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Installer2go v3.2.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Internet Cleaning Tool 1.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Internet Security 2006 v10.01.02.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Internet TV And Radio Player v3.4.0.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\IsoBuster Pro v1.8.0.4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Jive Forums 4.2.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Keyboard Music v2.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Lego Star Wars.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\LimeWire Professional v4.11.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Linx v5.02.336.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Little Fish DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\McAfee Internet Security v7.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\McAfee Security Suite 2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\McAfee VirusScan Professional 2006 10.0.27.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\MemoriesOnTV Pro 3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Microsoft Office 2007 12 (All In One).exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Microsoft office Pro plus (2007 BETA).exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Microsoft Student 2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Microsoft Windows XP SP3 2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\MiLoPhoto v2.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Modem Booster v5.0(Speed Up Internet Speed to 300%).exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Monopoly Deluxe.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Motor City Online.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\MSN Emoticons Installer 1.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\MSN Explorer 7.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\My Password Manager 1.4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Nero Media Player v1.4.0.35b.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\NeroVision Express v3.1.0.25.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\NetCaptor v7.5.4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Nexagon Deathmatch.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\No1 DVD Ripper v1.3.22.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Norton Internet Security 2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Norton SystemWorks 2006 Full.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Once Upon a Time in Mexico (2003) DVDrip.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Onyx Ceph v2.6.37.445.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Opera 8.01 Build 7642 Final.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Passwords and Keys v1.25.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Payroll 2005 v9.3.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PCBoost v3.6.20.2005.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Personal Internet Phone Equipment v2.72.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Pet Sematary (1989) Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Pet Sematary DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Photo Frame Maker 2.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Photo Pos Pro v1.15.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PicturesToExe 4.42.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PipeFun v2.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PixelGenius PhotoKit Color v2.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Plato DVD Ripper v4.3.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Pop Up Blocker Pro.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Pop-Up Stopper Professional v1.8.1000.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PowerPoint to Flash 1.6.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PowerPoint2DVD v2.24.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\PPN AskLog v1.4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Privacy Inspector v1.7.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\RadLight SE 3.03.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Rails Across America.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\RegDoctor v1.58.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Revenge Of The Nerds DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\RTCW Enemy Territory.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Rune Halls of Valhalla.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Sarah Silverman Jesus is Magic LiMiTED DVDScr XviD.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Scar Face DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\SecurStar DriveCrypt Plus Pack v3.01G Retail.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Shadow Illuminator v1.0.22.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Slither Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Soldat 1.2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Sony Vegas 6.0d build 210.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Sophos Anti-Virus 3.95.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\SpellForce 2 - Shadow Wars.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Spyware Blaster Info.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\SpyWare Nuker XT v4.6.49.1650.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Star Wraith 2.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\State of Emergency.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Super Mario XP.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Super Video Converter v1.8.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Super Video Joiner v1.9.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Super Video Splitter v1.7.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\SuperRam v5.1.2.2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\SureClean Professional v2.0.1000.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Surfulater v1.70.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Symantec Norton Ghost 10.0.0.8400.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\The Benchwarmers (2006) SVCD.CAM-TUBE.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\The Chronicles of Narnia DVDRip Xvid.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\The Passion of the Christ (2004) DVDrip.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\The Sims 2 University.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Throttle v6.6.20.2005.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Topee CD Ripper v1.2.25.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Total Commander XP v6.54.4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Tristan And Isolde DVDRip XviD-NeDiVx.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Trojan Remover 6.4.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\True Crime New York City.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\TurboCAD Professional v12.0.38.3.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Tweak FX v4.01.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Ulead DVD MovieFactory v5.0.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\UltraConverter 1.9.34.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Video Converter v3.01.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\VideoCharge Express 3.5.4.17.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\VSO ConvertXToDVD 2.0.11.123.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\War of the States Gettysburg 1863.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\WeBuilder 2005.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Will Rock.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\WinAmp 5.01 FULL.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\WinAmp 5.01.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Winamp v5.21 Pro.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Windows And Internet Cleaner Pro 4.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Windows XP Gold Edition 2006.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Windows XP Live Edition 2 runs from cd.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\WinProducer DVD Edition Pro 3.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\WinZip 8.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Wordy v1.1.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Xilisoft DVD To MP4 Converter v4.0.43.0317b.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\ZeallSoft FunPhotor v4.5.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\WinMX MP3\Downloads\_\Zone Alarm.exe -> Dropper.VB.lu : Cleaned with backup
C:\Program Files\winsupdater\a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\WINDOWS\sys10-932765977.exe -> Downloader.VB.tw : Cleaned with backup
C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned with backup
C:\WINDOWS\system32\pushow15.dll -> Hijacker.Agent.hi : Cleaned with backup
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned with backup
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned with backup


::Report End

This message has been edited since posting. Last time this message was edited on 29. April 2006 @ 15:29

Senior Member
29. April 2006 @ 22:53
Fix these:

O2 - BHO: (no name) - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - (no file)
O20 - AppInit_DLLs: pushow15.dll


And the log should look clean after that but please let me know if some of the lines come back to your log.
Junior Member
30. April 2006 @ 03:19
OK, I got an error message when I tried to fix one of them. Should I e-mail him????



An unexpected error has occurred at procedure: modBackup_MakeBackup(sItem=O20 - AppInit_DLLs: pushow15.dll)
Error #5 - Invalid procedure call or argument

Please email me at merijn@spywareinfo.com, reporting the following:
* What you were trying to fix when the error occurred, if applicable
* How you can reproduce the error
* A complete HijackThis scan log, if possible

Windows version: Windows NT 5.01.2600
MSIE version: 6.0.2900.2180
HijackThis version: 1.99.1

This message has been copied to your clipboard.
Click OK to continue the rest of the scan.
Senior Member
30. April 2006 @ 06:15
Sorry for the delay.
No need to send e-mail to merijn; these errors happen sometimes.

Turn off Spybot's TeaTimer:

1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
5) Restart your computer.
You can re-enable TeaTimer once your system is clean.

After that, shut down WinPatrol and A-squared.

Then fix these again:

O2 - BHO: (no name) - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - (no file)
O20 - AppInit_DLLs: pushow15.dll
Junior Member
30. April 2006 @ 08:06
They both fixed correctly and I think the problems are gone. Thanks