Author Topic: possible virus (Read 39964 times)

jolie · « **on:** January 18, 2008, 01:47:53 AM »

my computer seems to be running at a snails pace
my ad ware says there is a infection but norton cant find anything
i am running at windows 2000 and i also keep getting pop ups stating that my computer may be infected
can some one please help

oldman · « **Reply #1 on:** January 18, 2008, 02:18:38 AM »

Okay we'll see what we can do.

Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!
**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

Close all other windows before proceeding.
Double-click on dss.exe and follow the prompts.
When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Lisandro · « **Reply #2 on:** January 18, 2008, 02:26:36 AM »

Also, download and use RogueRemover
http://www.malwarebytes.org/rogueremover.php

jolie · « **Reply #3 on:** January 18, 2008, 02:41:22 AM »

here are the results from smithfraudfix i will post the dss result next

SmitFraudFix v2.274

Scan done at 19:34:56.35, Thu 01/17/2008
Run from C:\Documents and Settings\HP\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
c:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix.exe by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce Networking Controller - Packet Scheduler Miniport
DNS Server Search Order: 16.92.3.242
DNS Server Search Order: 16.92.3.243
DNS Server Search Order: 16.81.3.243
DNS Server Search Order: 16.118.3.243

Description: NVIDIA nForce Networking Controller - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.254

HKLM\SYSTEM\CCS\Services\Tcpip\..\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DEA4CFB8-5F7A-4F21-813C-C050EE6BF1B8}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DEA4CFB8-5F7A-4F21-813C-C050EE6BF1B8}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer=16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DEA4CFB8-5F7A-4F21-813C-C050EE6BF1B8}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

jolie · « **Reply #4 on:** January 18, 2008, 02:53:19 AM »

Deckard's System Scanner v20071014.68
Run by HP on 2008-01-17 19:41:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
66: 2008-01-17 05:26:45 UTC - RP380 - System Checkpoint
65: 2008-01-17 05:26:45 UTC - RP379 - System Checkpoint
64: 2008-01-17 05:26:44 UTC - RP378 - System Checkpoint
63: 2008-01-17 05:26:44 UTC - RP377 - System Checkpoint
62: 2008-01-17 05:26:44 UTC - RP376 - Software Distribution Service 3.0

-- First Restore Point --
1: 2008-01-17 05:26:20 UTC - RP315 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-17 19:44:53
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\arpwrmsg.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DISCUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Yahoo!\browser\ycommon.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\WINDOWS\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\HP\Desktop\dss.exe

jolie · « **Reply #5 on:** January 18, 2008, 02:54:18 AM »

here is the extra txt as attchment

jolie · « **Reply #6 on:** January 18, 2008, 02:58:53 AM »

here are the reults of the scan i was not able to post as copy n past cause it exceded the 1000 character limit
so i did as attachment

jolie · « **Reply #7 on:** January 18, 2008, 02:59:36 AM »

here is the other log extra txt

oldman · « **Reply #8 on:** January 18, 2008, 03:21:08 AM »

Hi, it will be a little hit and miss with me for the next few hours, but please do the steps and post the logs. Attachment are good. I will be back.

Do the addresses in these line look familar?

O15 - Trusted Zone: http://trymedia.com (HKLM)
O15 - Trusted Zone: https://trymedia.com (HKLM)

Download ComboFix from Here or Here to your Desktop.

Do not run it yet!

Go to add/ remove programs and uninstall these programs if present

My Web Search (Smiley Central or FWP product as applicable)
My Way Speedbar (Smiley Central or other FWP as applicable)
My Way Speedbar (AOL and Yahoo Messengers) (beta users only)
My Way Speedbar (Outlook, Outlook Express, and IncrediMail)
Search Assistant - My Way
FunWebProducts
MyWebSearch

Open hijackthis, run a system scan onl, and checkmark these lines if present.

3 - URLSearchHook: ScriptInocUI Class - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {0CB639B8-E1C8-45E4-B3B9-916440183E86} - C:\WINDOWS\system32\jkkjh.dll
3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [eSnips] "C:\Program Files\eSnips\ClientGW.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [4c3f00d2] rundll32.exe "C:\WINDOWS\system32\ycgnrboy.dll",b
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15-3.cab
O20 - Winlogon Notify: cbxvspn - C:\WINDOWS\system32\cbxvspn.dll (file missing)

Now we use combofix

Double click combofix.exe and follow the prompts.

When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall.

This will make you and your computer feel better.

There will probably be a bit more to do.

jolie · « **Reply #9 on:** January 18, 2008, 03:35:50 AM »

O15 - Trusted Zone: http://trymedia.com (HKLM)
O15 - Trusted Zone: https://trymedia.com (HKLM)

no i dont know what these are

oldman · « **Reply #10 on:** January 18, 2008, 04:31:36 AM »

A bit of a oops here.

got mixed in with the vundo/adware.

Please open HJT, click misc tools button, checkmark this line and click restore.

O4 - HKLM\..\Run: [eSnips] "C:\Program Files\eSnips\ClientGW.exe"

Please click the main button then click system scan only and checkmark

BOTH 015 LINES

click fix.

jolie · « **Reply #11 on:** January 18, 2008, 05:16:29 AM »

here are the results of the combo fix i have to do it in more than one post
ComboFix 08-01-18.4 - HP 2008-01-17 21:08:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.217 [GMT -6:00]
Running from: C:\Documents and Settings\HP\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\eskin\empty_bg_st.htm
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\eskin\FileManager.txt
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1163629456.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1165494485.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1166403338.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1168285302.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1169518059.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1177023581.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1182107080.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1183227700.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1184274600.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1185072663.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1186100812.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1186795821.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1187759089.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1192503565.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\SpamBlockerUtility_1194861577.log
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1003204.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1007461.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1020167.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1022703.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1043799.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055540.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055544.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055568.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055749.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055782.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055791.sdf

jolie · « **Reply #12 on:** January 18, 2008, 05:22:46 AM »

C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1055804.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1056012.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1056018.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1056052.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1056193.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1056196.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1057191.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1059014.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1063425.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1064075.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1065003.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1066422.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1066790.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1070584.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1104837.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1105212.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1106992.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1110046.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\112494.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1140234.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1143340.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1155423.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1158402.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\12077.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1215248.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\122092.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1227613.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1228929.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\124590.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\124816.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\12570.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1258485.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1260511.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1269746.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1271868.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1272086.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1333231.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1334743.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\137517.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1384357.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1384364.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1385373.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1385437.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1385459.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1385592.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1386121.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1386879.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1387134.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1387181.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1387238.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1391197.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1391202.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1391373.sdf

jolie · « **Reply #13 on:** January 18, 2008, 05:23:20 AM »

C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1391571.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1393314.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1393669.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1394575.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1395210.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1399269.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1400602.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1400645.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1400989.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1401983.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1402253.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1404073.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1404703.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1404710.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1405661.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1406946.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1409883.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\145716.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\147046.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\156453.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\167570.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1675865.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1678865.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1692522.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\177685.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1840276.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\184307.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\187725.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\189000.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\190423.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1914684.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\193017.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1938735.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\196233.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\197173.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\197447.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1979249.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\202082.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\203217.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\208186.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2106317.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2195082.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2208948.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\221540.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2278937.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\228121.sdf

jolie · « **Reply #14 on:** January 18, 2008, 05:23:48 AM »

C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2336680.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2353292.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\249493.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\25012.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\250252.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2531422.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\253629.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\256867.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2602724.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2643193.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2697919.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2822823.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2884321.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2884323.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2884484.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2885061.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\289651.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899595.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899618.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899625.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899627.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2901962.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2903515.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2903518.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2999748.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\303754.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\315066.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\317499.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\32639.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3265332.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3270186.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\330424.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3328600.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3340762.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3346130.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3383115.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3421532.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3425831.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3429068.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3442551.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3444066.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3469510.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3474142.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3478070.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3481346.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\351210.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\358982.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\360608.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3696057.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3696136.sdf
C:\Documents and Settings\Guest\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3699090.sdf

Author Topic: possible virus (Read 39964 times)

jolie

possible virus

oldman

Re: possible virus

Lisandro

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

oldman

Re: possible virus

jolie

Re: possible virus

oldman

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus

jolie

Re: possible virus