HELP ME!!!!

Hi and welcome
Please follow the steps Here for downloading and installing Hijackthis

Would like for you to also post the following along with the HJT log please
Please click this link to download Silent Runners.
* Save it to the desktop.
* Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
* You will see a text file appear on the desktop - it's not done yet, just let it run (it won't appear to be doing anything!)
* Once you receive the prompt "All Done!", double-click on the new text file on the desktop and copy that entire log and paste it here.

*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.

sheo_mac, you have at the very least a variant of the L2M/Lop infection. I recommend you follow Don77's instructions.

When you have done so, just navigate back to this thread, click the "Post a reply" button - - at the bottom left of the page, paste your logs (HJT and SilentRunners) into the dialog box, then click the "Submit" button below the dialog box.

You may find it convenient to click "Turn on email updates" at the bottom right of the page; doing so will cause a notification to be sent to the address you used at the time of registering with A2K whenever a reply is made to this thread.

Be patient; the helpers here all are volunteers; someone will get to your help request as quickly as practical. Among the members here, apart from myself, Don77, Craven deKere, and Monger have pretty good track records and may be considered reliable advisors in this area. Its not a bad idea to click a member's username to bring up a summary of that member's posting history before deciding to follow through with any suggestions made. Your call.

i tried to delete a few things myself by using the advice on http://aumha.org/a/hjttutor.php , but the toolbar still has not gone!!
here is the hijack this log....

Logfile of HijackThis v1.99.1
Scan saved at 18:22:43, on 28/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\SHONA\LOCALS~1\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSEvents Object - {9068A414-3AF9-4F79-AF1C-E6EA415BAF52} - C:\WINDOWS\Fonts\psinfo.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd media open cdrom] C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O20 - Winlogon Notify: psinfo - C:\WINDOWS\Fonts\psinfo.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe



the silent runners thing is just a huge text document! :-s
sorry im not too good with computers

OH IS THIS IT????


"Silent Runners.vbs", revision 41, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"Yahoo! Pager" = ""C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet" ["Yahoo! Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"dvd media open cdrom" = "C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = "SSVHelper Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
{9068A414-3AF9-4F79-AF1C-E6EA415BAF52}\(Default) = "MSEvents Object" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\Fonts\psinfo.dll" [null data]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1}\(Default) = "Web assistant"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]
{BDF3E430-B101-42AD-A544-FADC6B084872}\(Default) = "NAV Helper"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"
-> {CLSID}\InProcServer32\(Default) = "C:\Apps\RecordNow\shlext.dll" [null data]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! psinfo\DLLName = "C:\WINDOWS\Fonts\psinfo.dll" [null data]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Firefox Wallpaper.bmp"


Startup items in "SHONA" & "All Users" startup folders:
-------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"BlueSoleil" -> shortcut to: "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" ["IVT Corporation"]


Enabled Scheduled Tasks:
------------------------

"A2B40FF2914B878A" -> launches: "c:\docume~1\julie\applic~1\rulepl~1\Fourfastdent.exe" [null data]
"A4A75A0191A0D519" -> launches: "c:\docume~1\bernie\applic~1\rulepl~1\Fourfastdent.exe" [null data]
"A99E6B889181E2CC" -> launches: "c:\docume~1\shona\applic~1\rulepl~1\Fourfastdent.exe" [file not found]
"AB5AF48D91C16AD1" -> launches: "c:\docume~1\shona\applic~1\rulepl~1\Fourfastdent.exe" [file not found]
"Norton AntiVirus - Scan my computer" -> launches: "C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe /task:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"" ["Symantec Corporation"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 21
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" = "Norton AntiVirus" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" = "Web assistant" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" = "Norton AntiVirus" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" = "Web assistant"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" = "Norton AntiVirus"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{FE54FA40-D68C-11D2-98FA-00C0F0318AFE}\ = "Real.com" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Shdocvw.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
[Strings]: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm

Missing lines (compared with English-language version):
[Strings]: 1 line


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AOL Connectivity Service, AOL ACS, "C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe" ["America Online, Inc."]
BlueSoleil Hid Service, BlueSoleil Hid Service, "C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe" [null data]
Norton AntiVirus Auto Protect Service, navapsvc, ""C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"" ["Symantec Corporation"]
SAVScan, SAVScan, "C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe" ["Symantec Corporation"]
SmartLinkService, SLService, "slserv.exe" [" "]
Symantec Event Manager, ccEvtMgr, ""C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]
Symantec Network Drivers Service, SNDSrvc, "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" ["Symantec Corporation"]
Symantec Network Proxy, ccProxy, ""C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"" ["Symantec Corporation"]
Symantec Settings Manager, ccSetMgr, ""C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
EPSON V6 2KMonitor\Driver = "EBPMON24.DLL" ["SEIKO EPSON CORPORATION"]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 71 seconds, including 18 seconds for message boxes)

HJT should be installed to a dedicated folder of its own either in your Programs folder or directly on your root drive or boot partition, not a Desktop or other temporary folder or directory. If you have already installed HiJackThis, be certain its in its own folder and not a temporary or desktop folder (to place HJT in its own folder, open Windows Explorer - Windows key+E - locate and select your root drive or partition, the drive or partition on which Windows is installed - typically "C:\", and open that folder, right-clicking anywhere in that folder's blank space, select "New">"Folder", name the new folder "HJT", then download and extract, or if you already have the latest version somewhere else move, HJT into that folder). When running HiJackThis to scan or fix things, please run it from its own permanent, properly placed folder, WITH NO OTHER BROWSERS, WINDOWS, FILESHARING, MEDIA PLAYERS, EMAIL, OR MESSAGING APPLICATIONS OPEN OR RUNNING.

Done that, here is the log...


Logfile of HijackThis v1.99.1
Scan saved at 19:00:37, on 28/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSEvents Object - {9068A414-3AF9-4F79-AF1C-E6EA415BAF52} - C:\WINDOWS\Fonts\psinfo.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd media open cdrom] C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O20 - Winlogon Notify: psinfo - C:\WINDOWS\Fonts\psinfo.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Cool - thanks. Don't mean to rag on you - hope I didn't seem mean. Hope also this doesn't seem mean; please be patient and let Don77 work you through this ... at the moment, I'm doing a buncha other stuff, and Don77 has already tackled this one; I don't wanna muddy the waters any. I'll check back to see how things are going as soon as I'm able. Thanks again for your cooperation and for your understanding.

no problem

Hope Don can fix it!!

Please help me don77!!!

Be patient, he'll be along as soon as he's able. I have every confidence he'll resolve your issue in perfectly acceptable manner and as quickly as possible.

sorry! its just i have to go out now so i wont be able 2 reply to anything until i get back. not be long though, bye!

Hmmm Vundo as well


Lets work through this first, This will not remove the tool bar but we will get that soon as we clean Vundo off the computer first

Please print these instructions out for use in Safe Mode.

Please download VundoFix.exe to your desktop.

• Double-click VundoFix.exe to extract the files
  
• This will create a VundoFix folder on your desktop.
  
• After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
  
• Once in safe mode open the VundoFix folder and doubleclick on KillVundo.bat
  
• You will first be presented with a warning.
  It should look like this
  [quote]VundoFix V2.15 by Atri
  By using VundoFix you agree that you are doing so at your own risk
  Press enter to continue....
  
  [/quote]
  
• At this point press enter one time.
  
• Next you will see:
  [quote]Please Type in the filepath as instructed by the forum staff
  and then press enter:[/quote]
  
• At this point please type the following file path (make sure to enter it exactly as below!):
  [b] C:\WINDOWS\Fonts\psinfo.dll [/b]
  
  
• Press Enter to continue with the fix.
  
• Next you will see:
  [quote]Please type in the second filepath as instructed by the forum
  staff then press enter: [/quote]
  
• At this point please type the following file path (make sure to enter it exactly as below!):
  [b] C:\WINDOWS\Fonts\ofnisp.*[/b]
  
  
• Press Enter to continue with the fix.
  
• The fix will run then HijackThis will open, if it does not open automatically please open it manually.
  
• In HiJackThis, please place a check next to the following items and click FIX CHECKED:
  [b] O2 - BHO: MSEvents Object - {9068A414-3AF9-4F79-AF1C-E6EA415BAF52} - C:\WINDOWS\Fonts\psinfo.dll O20 - Winlogon Notify: psinfo - C:\WINDOWS\Fonts\psinfo.dll [/b]
  
  
• After you have fixed these items, close Hijackthis.
  
• Press enter to exit the program then manually reboot your computer.
  
• Once your machine reboots please continue with the instructions below.
  

Download and install CleanUp!

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

• Empty Recycle Bins
  
• Delete Cookies
  
• Delete Prefetch files
  
• Cleanup! All Users
  

Click OK
Press the CleanUp! button to start the program.

It may ask you to reboot at the end, click NO.

Then, please run this online virus scan: ActiveScan

Copy the results of the ActiveScan and paste them here along with a new HiJackThis log and the vundofix.txt file from the vundofix folder into this topic.

ACTIVE SCAN....



Incident Status Location

Spyware:spyware/cydoor Not desinfected C:\WINDOWS\SYSTEM32\cd_clint.dll
Spyware:spyware/new.net Not desinfected C:\WINDOWS\NDNuninstall6_98.exe
Spyware:application/bestoffer Not desinfected C:\WINDOWS\smdat32m.sys
Adware:adware/toprebates Not desinfected C:\PROGRAM FILES\WebRebates4
Adware:adware/webhancer Not desinfected C:\PROGRAM FILES\whInstall
Spyware:spyware/searchcentrix Not desinfected Windows Registry
Virus:Trj/ConHook.A Disinfected C:\1.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\All Users\Application Data\databurnhopebin\Ace Tool.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\Gram Free.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\bccehpeh.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\bikebiasdalebody.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\booccgqr.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\divjseji.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\dlkdqoor.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ecdywqfr.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\edaixpby.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ekcqflrc.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\exebgykm.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\fbiydzfa.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\fekibmah.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\Fourfastdent.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\fqzywobm.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\gbhwzcjr.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\hmaifben.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\hyplgswo.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ibgnojxg.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\isqctjtr.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\jnaizjpa.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\jogeukhj.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\kkzzxtoq.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\kmmkogfv.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\kzbsacom.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\lttlesdx.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\mbndnokv.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\muhyzlbw.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\nnkhnkwc.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\nrbyvimd.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ntjpqvpl.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\Option dupe internet.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ovondtwp.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\papvofjd.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\pdkutliy.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\pwzcnpvt.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\qnbntyag.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\qnlyxnif.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\qqrxueyq.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\rgwytxpd.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\tbmnlpwv.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\usumfvdj.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\uwozuvvt.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\uxhabcfl.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\vhdwiqix.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\vnmerjja.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\wnkkgbqn.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\wseoiyim.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\xebrmlap.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\xptefrbc.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ydlhlvdp.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\yefpdplq.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ynufafay.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\ypenkudj.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\yygnkwfk.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\zfcuxqlf.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\rule plan lies\zshilxae.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\BERNIE\Application Data\timelist\pure extra.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\bikebiasdalebody.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\dwwmrsem.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\dynajafa.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\eqrqobwu.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\Fourfastdent.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\fvzjstra.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\ngauwyuc.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\ngvsyuat.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\ocgkmpqc.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\Option dupe internet.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\oyojcmek.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\qenvtjkr.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\skcarjju.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\vkoeulhk.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\wvdgdueg.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\yotqfhly.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\rule plan lies\znrooxal.exe
Adware:Adware/Lop Not desinfected C:\Documents and Settings\JULIE\Application Data\timelist\pure extra.exe
Adware:Adware/IST.ISTBar Not desinfected C:\Documents and Settings\SHONA\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-772110ae.zip[InstallerApplet.class]
Adware:Adware/IST.ISTBar Not desinfected C:\Documents and Settings\SHONA\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-42e185e8.zip[InstallerApplet.class]
Adware:Adware/Lop Not desinfected C:\Documents and Settings\SHONA\Local Settings\Temporary Internet Files\Content.IE5\8TY78DER\newpass2[1].htm
Adware:Adware/WebHancer Not desinfected C:\Program Files\whInstall\whAgent.inf
Adware:Adware/WebHancer Not desinfected C:\Program Files\whInstall\whInstaller.ini
Spyware:Spyware/New.net Not desinfected C:\WINDOWS\NDNuninstall6_98.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\321 Studios GamesXCopy 1.0.8 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\3D Slot Car Racing Game 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\3D Studio Max 6 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ABBYY FineReader Pro 7.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\acdsee 7.0.61 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ACDSee PowerPack 7.0.43 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ACDSee v7.0 Powerpack 7.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ad-aware Pro Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ad-aware Professional.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ad-aware.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Acrobat Reader crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Acrobat Reader.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe After Effects PRO v6.5 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Golive v6.0 Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Illustrator v10.0 Time Limit Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe ImageReady v1.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe PageMaker v7.0 Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Photoshop 7 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Photoshop all.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Photoshop CS 8 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Photoshop CS crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adobe Serial Generator v2.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Adult Tetris 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Age of Empires II The Age of Kings NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Age Of Mythology - The Titans no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Age Of Mythology no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Agnitum Outpost Firewall 2.5.369 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ahead Nero Burning 6.6.0.3 Ultra Edition keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AlbumWrap Extractor v1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AlbumWrap.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Alcohol 120% v1.9.2 build 1705 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Alias Acclaim crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\All Macromedia Products Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\All-in-One Secretmaker.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Anti-Trojan 4.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AnyDVD 3.9.2.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AnyDVD 4.0.4.1 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AOL Instant Messenger (AIM).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\AquaZone Desktop Garden 1.0.1.1 full crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ares Galaxy.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ares Lite.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ashampoo WinOptimizer Platinum Suite 2 2.01.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Avant Browser.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Babylon Pro 5.0.0 (r78) crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Babylon Pro 5.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\babylon-pro 5.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Backyard Baseball 2003 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Battlefield 1942 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Battlefield Vietnam EA Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Battlefield Vietnam Multiplayer Online Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Besieger DreamCatcher Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\BitComet.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\BitSpirit 1.2.0 RC3.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Blindwrite Suite 4.5.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Blinx 2 - Masters of Time & Space Microsoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Blitzkrieg - Burning Horizon CDV Software GmbH crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Call of Duty Activision crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Call Of Duty no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CCALG - Credit Card Generator.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CD to MP3 Freeware 1.5.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Chicken Invaders 2 2.60.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\City of Heroes NCsoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Civilization III crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Classic NES Series - The Legend of Zelda GBA Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Clone DVD 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneCD 2.x Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneCD 3.x Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneCD 5.0.2.2 crackcrack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneCD 5.0.4.5 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneCD All Version KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD 2.1.0.2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD 2.5.4.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD v1.x crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD v3.0.25 Retail crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD2 v2.4.3.5 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD2 v2.4.5.4 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CloneDVD2 v2.5.3.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Command & Conquer - Generals no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Command & Conquer - Generals Zero Hour EA Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Command & Conquer - Generals Zero Hour no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Cool Edit 2000 1.1.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CopyToDVD 3.0.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Corel Draw Graphics Suite 12.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Counter-Strike Condition Zero Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Crusader Kings Paradox Entertainment crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Cubase Audio XT 3.X crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CWShredder 2.12.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\CyberLink PowerDVD v6.0 Deluxe7 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dark Age Of Camelot - Trials Of Atlantis no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dark Matter - The Baryon Proj crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\dBpowerAmp Music Converter.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DC++ 0.668.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Deus Ex Invisible War NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DFX Audio Enhancement 2.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Diablo 2 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dialupass 2.43 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DivX Player (with DivX Codec).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DivX Player Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\dMSN mercury messenger 1.7.0.6.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Doom 3 Activision crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Doom 3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Doom 3 NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Doom 3 SDK keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dope Wars Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Download Accelerator Plus 7.3.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Download Accelerator Plus V7.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Download Accelerator Plus v7.2 Premium crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Download Accelerator Plus.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dr Divx Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dr.Divx 1.0.6 Build 105 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Ball Z - Budokai 3 Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Warrior VIII Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DRIV3R Atari crack.exe

Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dr Divx Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dr.Divx 1.0.6 Build 105 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Ball Z - Budokai 3 Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dragon Warrior VIII Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DRIV3R Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Drug Wars - Underworld 1.3.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dungeon Lords DreamCatcher Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Dungeon Siege no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DVD Decrypter 3.5.1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DVD Region-Free 5.5 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DVD Shrink 3.2.0.15.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\DVDXCopy Platinum 4.0.3.8 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Easy CD-DA Extractor 7.1.3.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Easy CD-DA Extractor 7.13.2 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\eIMAGE Recovery 3.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\eMule 0.44b.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\eMule.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Enter the Matrix Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ESPN NFL 2K5 Sega crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Exe Icon Changer 3.753.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\F.E.A.R. VU Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Fable Microsoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Far Cry Ubisoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Fifa 2005 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Final Fantasy VII - Advent Children PSP Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Final Fantasy XI - Square Enix USA no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Final Fantasy XII Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Fire Emblem - Seima no Kouseki GBA Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP 2 RC2 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP All Version KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP v1.4.1 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP v1.4.3 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP v2.0 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP v2.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashFXP v2.2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FlashGet.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Forgotten Realms - Demon Stone Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Forgotten Realms - Demon Stone crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Free Internet TV 3.2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Freedom Force no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Front Mission 4 Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FrontPage XP 2002 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\FTP Server Serv-U 5.1 Coporate Edition crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Full Spectrum Warrior THQ crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Geist GC Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\GetRight 5.2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Goblin Commander - Unleash the Horde Jaleco Entertainment crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Gran Turismo 4 SCEA crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grand Theft Auto - San Andreas Rockstar Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grand Theft Auto 3 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grand Theft Auto III no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grand Theft Auto San Andreas NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grand Theft Auto Vice City NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Grokster.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\GTA crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Gunbound Trainer.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\GX Transcoder 2.10.2350 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Half-Life 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Half-Life 2 Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Half-Life 2 NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Half-Life 2 VU Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Halo - Combat Evolved - Microsoft no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Halo 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Harry Potter and the Prisoner of Azkaban Adventure EA Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Harry Potter and the Sorcerers Stone no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\HeadStrong WebClicker 2.56.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Heroes of Might and Magic IV no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Hidden and Dangerous 2 NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\HijackThis.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Icewind Dale 2 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ICQ 4.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ICQ Pro 2003b.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ImageSlurp 2.43.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\iMesh.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Internet Download Manager 4.03.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Internet Download Manager v4.02 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\IsoBuster Professional v1.7.0.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Jedi Academy NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\JetAudio Basic.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Joint Operations - Typhoon Rising NovaLogic crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Juiced Acclaim crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\K-Lite Codec Pack v2.31 Full crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\K-Lite Mega Codec Pack 1.13 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Kaspersky Anti-Hacker v1.7 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Kazaa Download Accelerator Pro.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Kazaa Download Manager 3.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\KaZaA Lite Plus 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Kingdom Hearts II Square Enix crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Knights Apprentice Memoricks Adventures Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LimeWire (International).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LimeWire Download Manager 4.2.6.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LimeWire server scanner.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LimeWire.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Longhorn Transformation Pack 8.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LostGoggles.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\LOTR NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia ColdFusion MX crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Contribute v2.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Director 8 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Dreamweaver 4.0 Patch.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Dreamweaver MX 2004 7.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Dreamweaver MX v6.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Dreamweaver UltraDev 4.0 Patch.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Fireworks 4.0 Patch.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Flash 5 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Flash All Versions keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Flash MX v6.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia Flash SWF-Unprotect v2.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Macromedia FreeHand v10 Loader.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Madden NFL 2003 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Madden NFL 2005 EA crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mafia no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MagicScore maestro 3.5 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Malice Mud Duck Productions crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mario Pinball Land GBA Puzzle Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mario Tennis GC Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Matrix Screensaver.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Max Payne 2 Fall Of Max Payne no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Max Payne 2 NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Max Payne 2 The Fall of Max Payne NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MaxPayne 2 The Fall Of Max Payne Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\McAfee VirusScan 9.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\McFarlanes Evil Prophecy Konami crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Medal Of Honor - Allied Assault BreakThrough no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Medal Of Honor - Allied Assault no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Medal of Honor Pacific Assault EA Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Medal of Honor- Allied Assault no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Medieval - Total War no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mega Man Anniversary Collection GC Capcom crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Metal Gear Acid PSP Konami crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Metal Gear Solid 3 - Snake Eater Konami crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Flight Simulator 2004 - A Century Of Flight no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office 2000 Regmaker.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office XP Activation Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office XP Activation Killer.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office XP Professional Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office XP Professional Serial.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Office XP Universal Activator v1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Windows Media Player.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Windows Xp Profesional Sp 2 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Microsoft Windows XP Professional ( Corp key ) keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Midnight Club 3 - DUB Edition Rockstar Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\mirc 6.1x reg entries.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\mIRC 6.X crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Monopoly 3 ISO crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Monopoly 3 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Morpheus.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mortal Kombat 4 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Mozilla Firefox.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MP3 Doctor 5.11.15 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\mp3DirectCut 1.38 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MS Office XP Activation Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MS Zoo Tycoon no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MSN advert remover.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MSN Messenger (Windows XP).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MSN Toolbar advert remover.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MSN Toolbar.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MusicMatch Jukebox Plus 9.00 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MVP Baseball 2004 EA crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\MyIE2.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NBA Live 2003 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NBA Live 2004 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NCAA Football 2005 EA crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need For Speed 5 - no cd.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Hot Pursuit 2 CD KeyGenerator.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for speed underground - nocd.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Underground 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Underground 2 Electronic Arts crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Underground 2 NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Underground Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed Underground NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Need for Speed4 - NOCD.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NeedforspeedUnderground-nocd.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero 6 Ultra Edition 6.6.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero 6 Ultra Edition Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero 6 Ultra Edition KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero 6 Ultra Edition.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NERO 6.6.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero 6.6.0.3 Ultra crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero Burning Rom 6.6.0.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero Burning Rom Reloaded 6.6.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero Burning ROM v6.x crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero Reloaded 6.6.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Nero Ultra Edition 6.6.0.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NetPumper Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NetPumper.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Ninja Gaiden Tecmo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\NOD32 Antivirus 2.12.1 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norman Virus Control 5.70 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\norton 2005 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norton AntiSpam 2004 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norton AntiVirus 2004 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norton AntiVirus 2004 Professional activation keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norton AntiVirus 2004 Professional Edition keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\norton antivirus 2005 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\norton internet security 2005 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Norton Personal Firewall 2005 retail crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\nVidia nTune 2005 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Office 2003 Pro crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Onimusha 3 - Demon Siege Adventure Capcom crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Paris Hilton Sex-E Screensaver 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Partition Magic 8.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PhotoShop CS 8.0 & ImageReady CS 8.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PhotoShop CS v8.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PINNACLE STUDIO PLUS V9.3 crack.exe
Virus:W32/Gaobot.CKM.wo

Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PINNACLE STUDIO PLUS V9.3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Plus! Media Center Edition crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Pocket Tanks 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PornSnatcher 2.31.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\PowerDVD v5.9 Deluxe crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Psi-Ops - The Mindgate Conspiracy Midway crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Purge Jihad Freeform Interactive LLC crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Quake 3 - The Arena NO CD Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\QuickTime.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RealPlayer crack (keygen).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RealPlayer Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RealPlayer.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Red Dead Revolver Rockstar Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RegClean 4.1a.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RegCleaner 4.30.780.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Registry Mechanic 3.0 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Registry Mechanic Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Registry Mechanic.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Resident Evil 4 GC Adventure Capcom crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Rise of Nations - Thrones & Patriots Microsoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Risk II 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RM to MP3 Converter 1.21.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RoboForm crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RoboForm.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Roller Coaster Tycoon no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Rollercoaster Tycoon 3 3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RollerCoaster Tycoon NO CD Crack (Including Attractions Pack).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\RYL crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Second Life Linden Lab crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Serials 2000 v7.1 Plus (build 06.16.04) keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SeXstazy 3.0.2.11.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Shadow Ops - Red Mercury Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ShellShock - Nam 67 Eidos Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Shockwave Player.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Silent Storm - Sentinels _No Company crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sim City 4 - Rush Hour no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sim City 4 Deluxe no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sim Theme Park World no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sims 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Singles - Flirt Up Your Life Eidos Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sniff-em 1.12.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Snood Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Snood.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Snowblind Eidos Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Soldat 1.1.4.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Soldier of Fortune II- Double Helix no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SolSuite 2004 - Solitaire Card Games Suite Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SolSuite 2004 - Solitaire Card Games Suite.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sonic the Hedgehog 3 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spider-Man 2 Activision crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spider-Man 2 GC Activision crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sponge Bob Square Pants - Operation Krabby Patty no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spy Sweeper 3.2 147 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spybot - Search & Destroy.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SpyHunter Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SpyHunter.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware doctor 2.1 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware Doctor 2.1.0.254 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware Doctor Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware Doctor V3 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware Doctor v3.0.0.288 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Spyware Doctor.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\SpywareBlaster.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars - Jedi Knight - Jedi Academy no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars - Knights of the Old Republic LucasArts crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars Galactic Battlegrounds- Clone Campaigns no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars Jedi Knight II - Jedi Outcast no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars Jedi Knight II- Jedi Outcast no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Star Wars Knights of the Old Republic II - The Sith Lords LucasArts crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Starcraft - Battlechest no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Strip Poker 2004 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Super dvd Creator 7.5 7.5 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Sygate Personal Firewall PRO v5.5 Build 2577 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Symantec Ghost 8.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Symatec System Center V9.0.0.338 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\System Mechanic 5.0c.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Chronicles of Riddick - Escape From Butcher Bay VU Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Elder Scrolls III - Morrowind Game of the Year Edition Bethesda Softworks crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Legend of Zelda (working title) GC Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Legend of Zelda - Four Swords Adventures GC Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Legend of Zelda - The Minish Cap GBA Nintendo crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Lord of the Rings - The Battle for Middle-Earth crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The lord of the rings the battle for middle earth crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Lord of the Rings The Battle for Middle-earth EA Games crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Lord of the Rings The Return of The King crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims - Hot Date Expansion Pack no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims - Makin Magic Expansion Pack no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims - Superstar Expansion Pack no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims - Unleashed Expansion Pack no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims - Vacation Expansion Pack no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims 2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims Clock 1.0.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims Deluxe no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims Double Deluxe no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Sims- Vacation no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Suffering Encore Software Inc. crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\The Suffering Midway crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Thief - Deadly Shadows Eidos Interactive crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tiger Woods PGA Tour 2004 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tom Clancy's Splinter Cell Pandora Tomorrow crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tom Clancys Ghost Recon - Desert Siege no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tom Clancys Splinter Cell Pandora Tomorrow Ubisoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tom Clancys Splinter Cell Ubisoft crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tony Hawks Underground crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Total Commander v6.03a PowerPack 25 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Trillian crasher.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Trillian Pro v3.0.950 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Trillian.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Tweak-XP Pro 4.0.2 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Unreal Tournament 2003 no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Unreal Tournament 2004 Atari crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Unreal Tournament 2004 crack (keygen).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Unreal Tournament 2004 Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Unreal Tournament 2004 NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Vampire - The Masquerade - Bloodlines Activision crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\VirtualLab Data Recovery crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\VirtualLab Data Recovery.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Virtuosa Phoenix Edition Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Warcraft III - Reign Of Chaos no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Warez P2P.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WebRoot Spy Sweeper 3.5.0.189 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Webroot Spy Sweeper Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Webroot Spy Sweeper.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WebSite Watcher v4.02 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Winace 2.x Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Winamp 5.03 Full crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Winamp Full.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\windows server 2003 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows Server 2003 SP1 Build 1039-2l crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows XP Activation Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows XP home edition Activation.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows XP Pro 64-bit crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows XP Professional crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Windows XP SP2 KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinDVD Platinum 5.0.26.23 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinMX.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR 3.30 Corporate Ed crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR 3.x Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR All KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR crack (keygen).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR v3.20 Final keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR v3.30 Final keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR v3.41 Final keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinRAR.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip 9.x Crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip All KeyGen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip All Versions keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Winzip keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip Self-Extractor v2.2 keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip Self-Extractor v2.2 Patch.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip v8.0 Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZIP v9.0 Keygen.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip v9.0 Registration.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WinZip.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\World of Warcraft Blizzard Entertainment crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Worms Armageddon NO CD crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WWE Day of Reckoning GC THQ crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\WWE SmackDown! vs. Raw THQ crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\XBOX X-Fer Ripper and Transfer.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\XP Slipstreamer v1.0 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Yahoo Messenger.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Yoshinoya Success crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ZeroSpyware Lite.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ZipGenius.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Zone Alarm Security Suite 5.5.062 crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ZoneAlarm crack (keygen).exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\ZoneAlarm.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Zoo Tycoon - Complete Collection no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Zoo Tycoon no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Zoo Tycoon- Dinosaur Digs no cd crack.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\msview\Zoo Tycoon.exe
Virus:W32/Gaobot.CKM.worm Disinfected C:\WINDOWS\system32\svcnet.exe

NEW HIJACK THIS....


Logfile of HijackThis v1.99.1
Scan saved at 00:54:59, on 29/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: MSEvents Object - {9068A414-3AF9-4F79-AF1C-E6EA415BAF52} - C:\WINDOWS\Fonts\psinfo.dll (file missing)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dvd media open cdrom] C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O20 - Winlogon Notify: psinfo - C:\WINDOWS\Fonts\psinfo.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

VundoFix V2.15 by Atri
--------------------------------------------------------------------------------------

Listing files contained in the vundofix folder.
--------------------------------------------------------------------------------------

iMesh 5.lnk
iTunes.lnk
killvundo.bat
LimeWire 4.9.4.lnk
Mozilla Firefox.lnk
n-Track Studio.lnk
process.exe
ReadMe.txt
Shortcut to killvundo.lnk
Silent Runners.vbs
Spybot - Search & Destroy.lnk
Startup Programs (SHEONA) 2005-12-28 18.26.44.txt
Unused Desktop Items
vundo.reg
VundoFix
VundoFix.exe
vundofix.txt
Windows Media Player.lnk

--------------------------------------------------------------------------------------

Filepaths entered
--------------------------------------------------------------------------------------

The filepath entered was C:\WINDOWS\Fonts\psinfo.dll

The second filepath entered was C:\WINDOWS\Fonts\ofnisp.*

--------------------------------------------------------------------------------------

Log from Process
--------------------------------------------------------------------------------------


Killing PID 132 'smss.exe'

Error, Cannot find a process with an image name of explorer.exe


Killing PID 212 'winlogon.exe'
--------------------------------------------------------------------------------------

C:\WINDOWS\Fonts\psinfo.dll Deleted sucessfully.
C:\WINDOWS\Fonts\ofnisp.* Deleted sucessfully.

Fixing Registry
--------------------------------------------------------------------------------------

Wow!! what on earth are all of those "crack" things!?!?! i only have one game on my computer!!! Must have downloaded with something i have downloaded!

Thats quite a mess you have there

Please restart HJT put a check next to the following, close all open windows and click "Fix Checked"

O2 - BHO: MSEvents Object - {9068A414-3AF9-4F79-AF1C-E6EA415BAF52} - C:\WINDOWS\Fonts\psinfo.dll (file missing)
O4 - HKLM\..\Run: [dvd media open cdrom] C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\fragbike.exe
O20 - Winlogon Notify: psinfo - C:\WINDOWS\Fonts\psinfo.dll (file missing)



Next Reboot into SAFE MODE
Search for and delete the Folders highlighted in Blue Files highlighted in BOLD

C:\WINDOWS\system32\msview\
C:\WINDOWS\NDNuninstall6_98.exe
C:\Program Files\whInstall\
C:\Documents and Settings\JULIE\Application Data\timelist\
C:\Documents and Settings\All Users\Application Data\eggs mfcd dvd media\
C:\Documents and Settings\All Users\Application Data\databurnhopebin\
C:\PROGRAM FILES\WebRebates4\
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\SYSTEM32\cd_clint.dll


While still in safe mode run Cleanup!
settings should be all set from earlier,
when it asks you to reboot click yes

Restart your computer,


Run another scan with Active and post the log back from it please along with a fresh HJT log, I would like to see an uninstall list as well please

• Start HijackThis
  
• Click on the Config button
  
• Click on the Misc Tools button
  
• Click on the Open Uninstall Manager button.
  
• You can click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad into this topic please,