Jump to content


Photo

PC crashes while surfing using Firefox


  • This topic is locked This topic is locked
14 replies to this topic

#1 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 03:44 AM

Hi there!

About a month and a half my girl infected me :D with a Kingston flash, and since than I'm getting a blue screen while surfing using Firefox, but only (i think it's only) when few or more tabs are opened and in loading process. It wasn't the case before with multiple tabs...

I get that message PAGE_FAULT_IN_NON_PAGED... I'm sure you know the rest, but I've never managed to find the same error on other forums.

I've found few trojans with AVG and deleted them. They were in Start menu>All Programs>Startup and I think they were Empty.pif and Windows.pif (not sure for windows, but the first one was Empty.pif). The Kingston flash is formated and clean, but even after scanning with Spybot and AVG and Ad-Aware, that say there is no threats, I keep getting that blue screen when multiple tabs are opened.

(Sorry for my English)

OK, so here's my HijackThis log:

------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:28:57, on 22.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Program Files\PeerWeb DC++\PeerWeb DC++.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

-----------------------------------------------------------

ok, that's it, I hope that it is what you asked for in:
"If you're not posting a HijackThis log, please tell us what version of Windows or other OS you use. "

ZoneAlarm is shut down (as I'm typing, as well as AVG free edition)

I will be very grateful if you could help me.

---------------------------------------------------
And here is a ComboFix log:
-------------------------------
ComboFix 07-06-18.2 - C:\Documents and Settings\Kifele\My Documents\My Received Files\ComboFix.exe
"Kifele" - 2007-06-22 9:54:45 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-05-22 to 2007-06-22 )))))))))))))))))))))))))))))))


2007-06-22 09:53 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-05-26 16:25 <DIR> d-------- C:\DOCUME~1\Kifele\APPLIC~1\Simply Super Software
2007-05-26 16:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Simply Super Software
2007-05-24 09:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-22 07:56:06 -------- d-----w C:\DOCUME~1\Kifele\APPLIC~1\Free Download Manager
2007-06-22 07:44:44 -------- d-----w C:\Program Files\PeerWeb DC++
2007-06-21 20:53:03 24 ----a-w C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-00000006-00001102-00000002-80651102}.dat
2007-06-21 20:53:03 24 ----a-w C:\WINDOWS\system32\DVCState-{00000000-00000000-00000006-00001102-00000002-80651102}.dat
2007-06-21 18:22:13 -------- d-----w C:\Program Files\eMule
2007-06-21 18:22:13 -------- d-----w C:\DOCUME~1\Kifele\APPLIC~1\uTorrent
2007-06-10 12:21:04 -------- d-----w C:\Program Files\Google
2007-05-31 08:49:52 -------- d-----w C:\Program Files\Soulseek-Test
2007-05-29 18:42:04 -------- d-----w C:\Program Files\Totalcmd
2007-05-26 09:58:56 -------- d-----w C:\Program Files\CursorXP
2007-05-10 08:44:47 2,243,260 ---ha-w C:\WINDOWS\system32\spython.bin
2007-05-09 22:15:28 -------- d-----w C:\DOCUME~1\Kifele\APPLIC~1\iolo
2007-05-09 19:47:41 1,024 ----a-w C:\WINDOWS\system32\pdf2word.DAT
2007-05-09 19:47:03 -------- d-----w C:\Program Files\PDF2Word v1.4
2007-05-02 07:09:57 4 ----a-w C:\WINDOWS\win32t4.dll
2007-05-02 06:08:04 4,096 ----a-w C:\WINDOWS\d3dx.dat


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll [2006-07-26 03:17]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll []
{C08DF07A-3E49-4E25-9AB0-D3882835F153}=C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll [2001-08-10 15:23]
{CC59E0F9-7E43-44FA-9FAA-8377850BF205}=C:\Program Files\Free Download Manager\iefdmcks.dll [2006-08-20 19:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 09:50 C:\WINDOWS\LOGI_MWX.EXE]
"ioloDelayModule"="C:\Program Files\iolo\System Mechanic Professional 6\delay.exe" [2005-06-08 14:31]
"nwiz"="nwiz.exe" [2004-10-29 17:50 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2004-10-29 17:50 C:\WINDOWS\system32\nvmctray.dll]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 11:56 C:\WINDOWS\system32\CTHELPER.EXE]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe" [2006-12-20 18:47]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2005-02-04 22:12]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=0 (0x0)
"NoSMConfigurePrograms"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoStartBanner"=01000000


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bceae76e-7b9c-11db-bb75-0014f8bebd49}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bceae76f-7b9c-11db-bb75-0014f8bebd49}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c61235ec-f87e-11db-bbca-f0da717f9a6f}]
Auto\command- AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e


**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-22 09:58:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-22 10:01:15

--- E O F ---
==============================

Thnx, bye! :wave:

#2 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 03:48 AM

And this is the Firefox version I use:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4

#3 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 03:53 AM

OH, and now I see IE on my Desktop?! I didn't put it there!

And it's not a shortcut. When I rightclick>Properties on it, it shows that "Internet Properties" with 7 tabs General, Security, Privacy...

Oh, no...

#4 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 11:03 AM

This is the last message from blue screen, few hours ago:

--------------------------
Technical info:

***STOP: 0x00000050 (0xF8656000, 0x00000001, 0xBF835991, 0x00000000)

Win32k.sys - Address BF835991 base at BF800000, Dates temp 43446a58

----------------------------------

What are the exact names of that "caching or shadowing" that they suggest to turn off in BIOS?

There are few of them in - Advanced BIOS features, and this is how they are set at my PC:

Internal cache - WriteBack
System BIOS Cacheable - Enabled
C000, 32k Shadow - Disabled
----------------------------

I hope this info will help (?)

Bye, once again!

#5 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 11:17 AM

...and this is the Error signature, after restarting PC:

Error signature:
BCCode : 10000050 BCP1 : F8656000 BCP2 : 00000001 BCP3 : BF835991
BCP4 : 00000000 OSVer : 5_1_2600 SP : 2_0 Product : 256_1

I'll wait now with posting further info, to avoid being spammer :)

#6 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 22 June 2007 - 01:43 PM

IT HAPPENED AGAIN!

Only ONE page was opened in Firefox.

Error signature:
BCCode : 10000050 BCP1 : F29CE000 BCP2 : 00000001 BCP3 : BF835991
BCP4 : 00000000 OSVer : 5_1_2600 SP : 2_0 Product : 256_1

----------------------------

Technical info (from Blue screen)

***STOP: 0x00000050 (0xF29CE000, 0x00000001, 0xBF835991, 0x00000000)

base at BF800000, Date Stamp 43446a58

-----------------------

#7 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 24 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#8 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 26 June 2007 - 05:35 AM

Here's the Kaspersky online scan log:
-----------------------------------
KASPERSKY ONLINE SCANNER REPORT
2007-06-25 22:04
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 25/06/2007
Kaspersky Anti-Virus database records: 353199
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
Scan Statistics
Total number of scanned objects 80218
Number of viruses found 3
Number of infected objects 31
Number of suspicious objects 0
Duration of the scan process 02:10:53

Infected Object Name Virus Name Last Action
C:\ComboFix.txt.bat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\cert8.db Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\history.dat Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\key3.db Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\parent.lock Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Kifele\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Kifele\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Application Data\Mozilla\Firefox\Profiles\r7h6wo5b.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Temp\Free Download Manager\tic80.tmp Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Temp\~DF333D.tmp Object is locked skipped
C:\Documents and Settings\Kifele\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Kifele\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Kifele\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\AMD2000.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\temp\ZLT05d05.TMP Object is locked skipped
C:\WINDOWS\temp\ZLT05d08.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe/WISE0014.BIN Infected: Trojan-Downloader.Win32.Small.bke skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe WiseSFX: infected - 1 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe WiseSFX Dropper: infected - 1 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0018.BIN Infected: Trojan-Downloader.Win32.Small.bke skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0019.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0020.BIN/stream/data0007 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0020.BIN/stream/data0008 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0020.BIN/stream Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe/WISE0020.BIN Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe WiseSFX: infected - 6 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe WiseSFX Dropper: infected - 6 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0018.BIN Infected: Trojan-Downloader.Win32.Small.bke skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0019.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0020.BIN/stream/data0007 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0020.BIN/stream/data0008 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0020.BIN/stream Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe/WISE0020.BIN Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe WiseSFX: infected - 6 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe WiseSFX Dropper: infected - 6 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe/WISE0015.BIN Infected: Trojan-Downloader.Win32.Small.bke skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe WiseSFX: infected - 2 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe WiseSFX Dropper: infected - 2 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0017.BIN Infected: Trojan-Downloader.Win32.Small.bke skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0019.BIN/stream/data0007 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0019.BIN/stream/data0008 Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0019.BIN/stream Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe/WISE0019.BIN Infected: not-a-virus:AdWare.Win32.ActivShopper.a skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe WiseSFX: infected - 6 skipped
E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe WiseSFX Dropper: infected - 6 skipped
Scan process completed.
=======================

Edited by svchost, 26 June 2007 - 05:50 AM.


#9 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 26 June 2007 - 05:52 AM

And this is the BitDefender online scan log:
--------------------------------


BitDefender Online Scanner







Scan report generated at: Tue, Jun 26, 2007 - 00:23:10









Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;















Statistics

Time


01:28:08

Files


281353

Folders


7553

Boot Sectors


4

Archives


15164

Packed Files


11906







Results

Identified Viruses


5

Infected Files


12

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


12







Engines Info

Virus Definitions


571397

Engine build


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Scan plugins


14

Archive plugins


38

Unpack plugins


6

E-mail plugins


6

System plugins


1







Scan Settings

First Action


Disinfect

Second Action


Delete

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


*;

Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes








Scanned File


Status

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\IndexPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\IndexPage.htm=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\IndexPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\SubPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\SubPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\Thumbnail.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\Thumbnail.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\Thumbnail.htm=>(JAVASCRIPT 4)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Horizontal Slideshow\Thumbnail.htm=>(JAVASCRIPT 5)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm=>(IFRAME)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm=>(IFRAME)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\FrameSet.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\ds_bot.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\ds_bot_corner.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\ds_bot_lt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\ds_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\ds_top_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\images\Thumbs.db


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\IndexPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\SubPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\SubPage.htm=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\SubPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Horizontal Thumbnails\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\arrow_next.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\arrow_prev.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\arrow_up.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds.psd


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds_bot.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds_bot_corner.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds_bot_lt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\ds_top_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\Thumbs.db


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\wh_bot.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\wh_bot_corner.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\wh_bot_lt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\wh_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\images\wh_top_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\SubPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\SubPage.htm=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\SubPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Thumbnail Table\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\FrameSet.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\FrameSet.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\FrameSet.htm=>(IFRAME)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\FrameSet.htm=>(IFRAME)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\ds_bot.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\ds_bot_corner.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\ds_bot_lt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\ds_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\ds_top_rt.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\images\Thumbs.db


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\SubPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\SubPage.htm=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\SubPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Simple - Vertical Thumbnails\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\arrow_next.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\arrow_prev.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\dotted_horiz.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\dotted_vert.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\ds_bot.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\home.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\left.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\right.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\Thumbs.db


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\images\up.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\IndexPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\IndexPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\SubPage.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\SubPage.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\SubPage.htm=>(JAVASCRIPT 4)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table - Minimal\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\background.jpg


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\home.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\innerBL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\innerBR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\innerTL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\innerTR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\next.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\outerBL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\outerBR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\outerTL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\outerTR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\previous.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeN.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeNE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeNW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeS.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeSE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeSW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\slideEdgeW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 1\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\Caption.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\background.jpg


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\galleryStyle.css


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\home.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerB.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerBL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerBR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerT.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerTL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\innerTR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\next.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerB.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerBL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerBR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerCorner.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerT.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerTL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\outerTR.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\previous.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeL.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeN.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeNE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeNW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeS.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeSE.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeSW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\slideEdgeW.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\images\spacer.gif


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\IndexPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\SubPage.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Web Photo Gallery\Table 2\Thumbnail.htm


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Automation


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Basic


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Color and Tonal Correction


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Image Analysis


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Painting and Retouching


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Printing and Proofing


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Web Design


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\What's New in CS2


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Workspaces\Working with Type


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\Plain.zvt


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\Plain.zvt=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\Plain.zvt=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\Plain.zvt=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\With Instructions.zvt


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\With Instructions.zvt=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\With Instructions.zvt=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\ZoomView\With Instructions.zvt=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\PSArt.dll


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\PSViews.dll


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\regsresen_US.dll


Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Required\


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20FirstTime.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20FirstTime.htm=>(JAVASCRIPT 3)=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20FirstTime.htm=>(JAVASCRIPT 7)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20FirstTime.htm=>(JAVASCRIPT 7)=>(JAVASCRIPT 2)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20MsgBox.htm


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20MsgBox.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20MsgBox.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20NewNoSearch.htm


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20NewNoSearch.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20NewNoSearch.htm=>(JAVASCRIPT 11)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 4)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 5)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 6)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20ProxyAuth.htm=>(JAVASCRIPT 9)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20SearchTips.htm


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20SearchTips.htm=>(JAVASCRIPT 1)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\st20SearchTips.htm=>(JAVASCRIPT 3)


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\stylesheets\


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\stylesheets\nStockPhoto.css


Clean

C:\Program Files\Adobe\Adobe Stock Photos\Template\stylesheets\StockPhoto.css


Clean

C:\Program Files\Adobe\Adobe Stock Photos\xmpir.dll


Clean

C:\Program Files\Adobe\Adobe Utilities\


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\ExtendScript Toolkit.exe


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\ExtendScript.dll


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\msvcp71.dll


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\msvcr71.dll


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Plug-Ins\


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Plug-Ins\printinglib.dll


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\01startup.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\02shutdown.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\04window.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\05menus.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\10debugger.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\11bridgetalk.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\12document.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\17prefs.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\31stackPane.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\32consolePane.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\33scriptsPane.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\34VariablesPane.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\35breakpointsPane.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\51print.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\60prefsDialog.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\61findReplaceDialog.jsx


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\en_US.dat


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\en_US.dat=>(unicode)


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\extendscript-en_US.dat


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\Required\extendscript-en_US.dat=>(unicode)


Clean

C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\ScCore.dll


Clean

C:\Program Files\Adobe\camera_raw.mov


Clean

C:\Program Files\Adobe\image_warp.mov


Clean

C:\Program Files\Adobe\Reader 8.0\


Clean

C:\Program Files\Adobe\Reader 8.0\Esl\


Clean

C:\Program Files\Adobe\Reader 8.0\Esl\AiodLite.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\ACE.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\Acrofx32.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRdIF.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AdobeLinguistic.dll


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AdobeUpdateCheck.exe


Clean

C:\Program Files\Adobe\Reader 8.0\Reader\AdobeUpdater.dll


Clean

C:\WINDOWS\system32\C2MP\Uninst.exe


Infected with: Trojan.Downloader.Zlob.NI

C:\WINDOWS\system32\C2MP\Uninst.exe


Disinfection failed

C:\WINDOWS\system32\C2MP\Uninst.exe


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe=>wise0015


Infected with: Trojan.Downloader.Small.BKE

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe=>wise0015


Disinfection failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe=>wise0015


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\111886.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe=>wise0019


Infected with: Trojan.Downloader.Small.BKE

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe=>wise0019


Disinfection failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe=>wise0019


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe=>wise0020


Detected with: Application.Adware.NewDotNet.B.Dropper

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe=>wise0020


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\113658.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe=>wise0019


Infected with: Trojan.Downloader.Small.BKE

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe=>wise0019


Disinfection failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe=>wise0019


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe=>wise0020


Detected with: Application.Adware.NewDotNet.B.Dropper

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe=>wise0020


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\116927.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe=>wise0016


Infected with: Trojan.Downloader.Small.BKE

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe=>wise0016


Disinfection failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe=>wise0016


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe=>wise0017


Detected with: Application.Adware.NewDotNet.B.Dropper

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe=>wise0017


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\117062.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe=>wise0018


Infected with: Trojan.Downloader.Small.BKE

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe=>wise0018


Disinfection failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe=>wise0018


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe


Update failed

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe=>wise0019


Detected with: Application.Adware.NewDotNet.B.Dropper

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe=>wise0019


Deleted

E:\Install\Desktop\Themes & Visual Styles\Visual Styles\118802.exe


Update failed

E:\Install\Animation\Magic SWF2Gif 1.35(converting swf to avi with movie clips)\S2G135_CRK.exe


Infected with: Trojan.Keygen.Q

E:\Install\Animation\Magic SWF2Gif 1.35(converting swf to avi with movie clips)\S2G135_CRK.exe


Disinfection failed

E:\Install\Animation\Magic SWF2Gif 1.35(converting swf to avi with movie clips)\S2G135_CRK.exe


Deleted

E:\Install\DivX\Cole2k Media Codec Pack v6.0.7 Standard\Cole2k Media Codec Pack v6.0.7 Standard.exe


Infected with: Trojan.Downloader.Zlob.NI

E:\Install\DivX\Cole2k Media Codec Pack v6.0.7 Standard\Cole2k Media Codec Pack v6.0.7 Standard.exe


Disinfection failed

E:\Install\DivX\Cole2k Media Codec Pack v6.0.7 Standard\Cole2k Media Codec Pack v6.0.7 Standard.exe


Deleted
=========================================

#10 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 27 June 2007 - 07:50 AM

And this is AVG Anti-Spyware report:
-----------
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 22:15 2007-06-26

+ Scan result:



C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll -> Adware.BHO : Ignored.
E:\Install\Dictionary\Oxford - ADVANCED LEARNER'S Dictionary\setup\view\IEHelp.dll -> Adware.BHO : Ignored.
E:\Install\Music\Winamp2\Plugins\WOW Thing Crack.exe -> Backdoor.Theef.111 : Ignored.
E:\Install\System\Typing\TypingMaster_2002_v6[1].20_English.zip/tmaster_crk.exe -> Trojan.Small : Ignored.
E:\Install\WinXP - Install\Windows XP SP1\Tutorial Windows XP SP1\- Info\Files\XPKey.exe -> Trojan.Small.edz : Ignored.
E:\Install\WinXP - Install\Windows XP SP1\Tutorial Windows XP SP1\Crack\XP-key-changer_1.zip/XPKey.exe -> Trojan.Small.edz : Ignored.
E:\Install\WinXP - Install\Windows XP SP1\Tutorial Windows XP SP1\Crack\XP-key-changer_2.rar/XP.CD.Key.Changer\XPKey.exe -> Trojan.Small.edz : Ignored.


::Report end
=========

OK, and now I'm gonna give you a buzz!

:-)

#11 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 27 June 2007 - 08:11 AM

What does this mean:

"E:\Install\Animation\Magic SWF2Gif 1.35(converting swf to avi with movie clips)\S2G135_CRK.exe


Deleted"

I hope that BitDefender did NOT really deleted it.... Or I'm wrong?

#12 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,091 posts

Posted 12 July 2007 - 07:35 AM

Hi,

Sorry for this long delay. Not sure If I can help you but in the event that you still need help please submit a fresh HijackThis log. I will see what I can do.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#13 svchost

svchost

    Member

  • Full Member
  • Pip
  • 11 posts

Posted 21 July 2007 - 01:52 PM

Hi! I wasn't home for some time... From time to time I see that Blue Screen...

OK, here's fresh HijackThis log, as you asked...

==========================
Logfile of HijackThis v1.99.1
Scan saved at 20:49, on 2007-07-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Temp\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

==================================

Thnx, bye!

#14 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,091 posts

Posted 21 July 2007 - 03:31 PM

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

Disable AVG Anti-Spyware (formerly ewido):

Please disable AVG Anti-Spyware, as it may interfere with the fix.
  • Open AVG Anti-Spyware by double-clicking the multi-colored box emblazoned with an ‘S’ in the system tray.
  • In the Resident Shield section, toggle the AVG Anti-Spyware active protection ‘off’ by clicking Change state which will then change the protection status to 'inactive'.
  • If you are instructed to reboot at any time during your cleanup, AVG Anti-Spyware will prompt you as to whether you would like to Restart the Resident Shield.
  • Reply ‘no’ and set it to ‘inactive’ for the duration of your cleanup.

Once your log is clean you can re-enable Ewido.

Please change the location of HijackThis.exe.
Create a new folder in your C: Drive
Name it C:\HJT or HijackThis and move the HijackThis.exe file in it.
It's best for this tool NOT TO be located in your Desktop or in a TEMP folder.
This way you can undo any changes if something goes wrong and will prevent the tool placing shortcuts on your Desktop.

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)


Click on Fix Checked when finished and exit HijackThis.

Restart the computer normally to reset the registry.


Download Combofix to your desktop.
Doubleclick combofix.exe
Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.

Do NOT post the ComboFix-quarantined-files.txt - unless I ask you to.

p.s. next time you get a Blue Sceen, please copy and paste the message back here for me to see.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#15 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,091 posts

Posted 02 August 2007 - 09:50 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button