I've got Trojan.Holax... is this bad?
Download sysclean (free) from Trend Micro, allow it to clean up any bad files it finds. It may take a while, so have a cuppa whilst it's running.
http://www.trendmicro.com/download/dcs.asp
:lol: Anyway here's what its log says:
/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/
2005-01-23, 15:45:40, Auto-clean mode specified.
2005-01-23, 15:45:40, Running scanner "C:\Program Files\internet security suite\sysclean\TSC.BIN"...
2005-01-23, 15:45:59, Scanner "C:\Program Files\internet security suite\sysclean\TSC.BIN" has finished running.
2005-01-23, 15:45:59, TSC Log:
Damage Cleanup Engine (DCE) 3.9(Build 1020)
Windows XP(Build 2600: )
Start time : Sun Jan 23 2005 15:45:42
Load Damage Cleanup Template (DCT) "C:\Program Files\internet security suite\sysclean\tsc.ptn" (version 487) [success]
Complete time : Sun Jan 23 2005 15:45:59
Execute pattern count(1749), Virus found count(0), Virus clean count(0), Clean failed count(0)
2005-01-23, 16:00:38, An error occurred while scanning file "C:\Documents and Settings\ebennew\NTUSER.DAT": Access is denied.
2005-01-23, 16:00:38, An error occurred while scanning file "C:\Documents and Settings\ebennew\ntuser.dat.LOG": Access is denied.
2005-01-23, 16:01:01, An error occurred while scanning file "C:\Documents and Settings\ebennew\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2005-01-23, 16:01:01, An error occurred while scanning file "C:\Documents and Settings\ebennew\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2005-01-23, 16:32:52, An error occurred while scanning file "C:\Documents and Settings\LocalService\NTUSER.DAT": Access is denied.
2005-01-23, 16:32:52, An error occurred while scanning file "C:\Documents and Settings\LocalService\ntuser.dat.LOG": Access is denied.
2005-01-23, 16:32:53, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2005-01-23, 16:32:53, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2005-01-23, 17:19:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ307969$\parport.sys": Access is denied.
2005-01-23, 17:19:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ307969$\spuninst\spuninst.exe": Access is denied.
2005-01-23, 17:19:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ307969$\spuninst\spuninst.inf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\ACRORD32.EXE-0781811F.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AD-AWARE.EXE-2ED3360E.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\ADOBE GAMMA LOADER.EXE-1DBD7BA3.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AGENTSVR.EXE-002E45AB.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AUPATCH.DAT-26B17925.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AUPDATE.EXE-2253CB60.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AUUNZIP.DAT-0F430B30.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\AUUPDATE.DAT-1C26048B.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\BTTNSERV.EXE-156C663E.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\CLICAPI20.EXE-0884FF61.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\CPQEADM.EXE-01DAFE68.pf": Access is denied.
2005-01-23, 17:22:39, Could not set file for reading on "C:\WINDOWS\Prefetch\CPQEAKSYSTEMTRAY.EXE-02AC468C.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\CWSHREDDER.EXE-075D6433.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\CWSHREDDER.EXE-1530D436.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DIRECTCD.EXE-0A60B47C.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DISREB~1.EXE-116A29FD.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\EAUSBKBD.EXE-0920B492.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\ESCNDV.EXE-2FFF20EB.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-17EE503B.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\GETVLIST.EXE-3374D9AD.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HH.EXE-2D1A70B3.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-0E1BF781.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-39DC3871.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HPGS2WND.EXE-06AC8C27.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HPGS2WNF.EXE-3A8D0447.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\HPW8TBX.EXE-07B56719.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\INSTALL.EXE-3AEF1D3F.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\JUSCHED.EXE-1E31B7EA.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVSS.EXE-0634462E.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\Layout.ini": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LSETUP.EXE-34E1AE91.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LUALL.EXE-30AC8E48.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LUCOMS~1.EXE-02DB5950.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LUSETUP-LT.EXE-1D0507C4.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LUSETU~1.EXE-1F968773.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\LUUPDATE.EXE-057DD85A.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAV.EXE-02FBCF70.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAVSCAN.COM-2F443510.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVAPW32.EXE-14F0BD2A.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-24F56911.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-2F9B64D1.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NDETECT.EXE-16E64095.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NMAIN.EXE-2BA406E0.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\OSA9.EXE-27CD7DB8.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\OUTLOOK.EXE-3784AE71.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\PATCH.EXE-1DE617D3.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\QSERVER.EXE-22A02121.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\REALPLAY.EXE-1BF219BD.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RL.EXE-0EB8DE0F.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-14948BEB.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-18E3301D.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1C320F03.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-37AF1B57.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-4743EFC7.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SETHOOK.EXE-3556B5A6.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SETREFRESH.EXE-0C1D851C.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SMTRAY.EXE-025A616B.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SNDMON.EXE-0A6C21A2.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SPYBOTSD.EXE-1344276B.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SPYWAREBLASTER.EXE-20CF1E62.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SRMCLEAN.EXE-1A445B2C.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\STARTEAK.EXE-02E55F96.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SYMANT~1.EXE-0325DF9A.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SYMWSC.EXE-321AAE19.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.COM-1D1BBD47.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.EXE-07354F67.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\TSC.BIN-38462285.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\TSC.EXE-2B4C0858.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\UPDATE.EXE-1E8AE159.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\VSMON.EXE-1609C098.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINAMPA.EXE-0536E33F.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINPATROL.EXE-0E9A04D5.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINPATROLEX.EXE-29896382.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINWORD.EXE-29F5CB89.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WINZIP32.EXE-335422C1.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WKCALREM.EXE-23DFAF4B.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WKDETECT.EXE-317B1611.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WKSCAL.EXE-10AB18FB.pf": Access is denied.
2005-01-23, 17:22:40, Could not set file for reading on "C:\WINDOWS\Prefetch\WKSSB.EXE-01DCAEEA.pf": Access is denied.
2005-01-23, 17:22:41, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf": Access is denied.
2005-01-23, 17:22:41, Could not set file for reading on "C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEF9C.pf": Access is denied.
2005-01-23, 17:22:41, Could not set file for reading on "C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf": Access is denied.
2005-01-23, 17:22:41, Could not set file for reading on "C:\WINDOWS\Prefetch\ZLCLIENT.EXE-1C550EB2.pf": Access is denied.
2005-01-23, 17:27:11, An error occurred while scanning file "C:\WINDOWS\system32\config\DEFAULT": Access is denied.
2005-01-23, 17:27:11, An error occurred while scanning file "C:\WINDOWS\system32\config\default.LOG": Access is denied.
2005-01-23, 17:27:11, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM": Access is denied.
2005-01-23, 17:27:11, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM.LOG": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY.LOG": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\SOFTWARE": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\software.LOG": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\SYSTEM": Access is denied.
2005-01-23, 17:27:12, An error occurred while scanning file "C:\WINDOWS\system32\config\system.LOG": Access is denied.
2005-01-23, 17:28:59, An error occurred while scanning file "C:\WINDOWS\Temp\ZLT03f74.TMP": Access is denied.
2005-01-23, 17:29:06, Running scanner "C:\Program Files\internet security suite\sysclean\VSCANTM.BIN"...
2005-01-23, 18:20:45, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/23/2005 17:29:10
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 365 (86521 Patterns) (2005/01/21) (236500)
Command Line: C:\Program Files\internet security suite\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Program Files\internet security suite\sysclean
C:\WINDOWS\system32\ms0b920b.dll [TROJ_HOLAX.A]
56274 files have been read.
56274 files have been checked.
41219 files have been scanned.
224346 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/23/2005 18:20:45
---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-23, 18:20:45, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/23/2005 17:29:09
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 365 (86521 Patterns) (2005/01/21) (236500)
Command Line: C:\Program Files\internet security suite\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Program Files\internet security suite\sysclean
Success Clean [ TROJ_HOLAX.A]( 1) from C:\WINDOWS\system32\ms0b920b.dll
56274 files have been read.
56274 files have been checked.
41219 files have been scanned.
224346 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/23/2005 18:20:45 51 minutes 34 seconds (3094.05 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-23, 18:20:45, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/23/2005 17:29:09
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 365 (86521 Patterns) (2005/01/21) (236500)
Command Line: C:\Program Files\internet security suite\sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Program Files\internet security suite\sysclean
56274 files have been read.
56274 files have been checked.
41219 files have been scanned.
224346 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/23/2005 18:20:45 51 minutes 34 seconds (3094.05 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-01-23, 18:20:45, Scanner "C:\Program Files\internet security suite\sysclean\VSCANTM.BIN" has finished running.
I'm still worried about restoring the missing bits of the affected startups now that the ms0b920b has been deleted. If I shut down my computer now will it all go pear shaped on reboot?... I'm scared...
Thank you, dudes
Now that it's gone I think your only option is to go ahead and clean out the prefetch folder and to also do the following;
Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.
Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.
Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.
Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)
This one too if Win2K or XP.
C:\Documents and Settings\username\Local Settings\Temp\
In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.
Empty the Recycle Bin.
Which components do you believe to be missing?
I'm off to work now so will have to reply later in the day, unless one of our other members chips in.
Ay up Crunchie and Caperjack and any other of you public spirited nutters!
Before your last post I got very worried about simply removing the ms0b929b.dll with the antivirus... so I did a system restore to before what I did in post 12. Don't freak out! (well not yet anyway)
I checked out Caperjack's link to doxdesk and this is what got me worried, so I followed these instructions...
InetDoor variant
Unless you have an anti-virus program that specifically knows how to remove the import table entries from startup programs affected by InetDoor, removal is difficult. You can delete the file, but then any of the affected programs will refuse to run.
A short term workaround is to replace the InetDoor DLL with a dummy version that does nothing. You can then uninstall and reinstall each program with a component set to run on startup.
To do this, download InetDummy.dll and restart the computer in Safe Mode. To get the menu for Safe Mode, press F8 just as Windows starts to boot — on the NT boot loader menu if you have one, else just hammer it as the computer starts up.
Open the System32 folder (inside the Windows folder; called just ‘System’ on Windows 95/98/Me) and find the InetDoor file. It will be called msNNNNNN.dll, where NNNNNN is a six-digit hexadecimal number. There will also be .cfg and .da0 files with the same name.
Rename msNNNNNN.dll to msNNNNN.bak, then drop the InetDummy.dll file into this folder and rename it msNNNNNN.dll (the same name as the original DLL). Reboot the computer and if all goes well you can delete msNNNNNN.bak, .cfg and .da0.
This hasn't presented any problems yet but I know that some of my start up programs have been altered. Messenger still asks for access to the internet along with IE (even though I only use Firefox) and Norton Integrator. I don't know which of them to trust so I'm denying them all...
Am I going to have to uninstall and reinstall everything on the start up list?
Thank you! Goodbye!
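The naming scheme in the doxdesk text quoted above (msNNNNNN.dll with .cfg and .da0 files of the same name) can be checked mechanically against a scanner log and a folder listing. The following Python is an added example, not code from the thread, doxdesk or Trend Micro: it extracts detection lines in the format VSCANTM printed in the log posted earlier and reports which files with the same stem are still present. The function names and the System32 listing are assumptions constructed for the illustration; the log lines are copied from the posted log.

```python
import re
from pathlib import PureWindowsPath

# Naming scheme from the doxdesk text: msNNNNNN.dll (six hex digits) plus
# .cfg and .da0 files of the same name; .bak is the rename used in the workaround.
INETDOOR_FILE = re.compile(r"^(ms[0-9a-f]{6})\.(dll|cfg|da0|bak)$", re.IGNORECASE)

# Detection line as it appears in the posted log: "<full path> [<SIGNATURE>]"
DETECTION_LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+\[\s*(?P<sig>[A-Z0-9_.]+)\s*\]$"
)


def parse_detections(log_text):
    """Return (path, signature) for every detection line in the scanner log."""
    hits = []
    for line in log_text.splitlines():
        m = DETECTION_LINE.match(line.strip())
        if m:
            hits.append((m.group("path"), m.group("sig")))
    return hits


def group_by_stem(filenames):
    """Map each msNNNNNN stem to the set of matching extensions in a listing."""
    groups = {}
    for name in filenames:
        m = INETDOOR_FILE.match(name)
        if m:
            groups.setdefault(m.group(1).lower(), set()).add(m.group(2).lower())
    return groups


def confidence(exts):
    """A bare name match is weak; the .cfg/.da0 companions make it strong."""
    return "strong" if exts & {"cfg", "da0"} else "name-only"


def triage(log_text, filenames):
    """Tie scanner detections to what is still on disk under the same stem."""
    groups = group_by_stem(filenames)
    report = []
    for path, sig in parse_detections(log_text):
        stem = PureWindowsPath(path).stem.lower()
        if not INETDOOR_FILE.match(stem + ".dll"):
            continue  # detection does not follow the msNNNNNN scheme
        left = groups.get(stem, set())
        report.append({
            "path": path,
            "signature": sig,
            "dll_present": "dll" in left,
            "leftovers": sorted(left - {"dll"}),
        })
    return report


# Lines copied from the log posted in the thread.
SAMPLE_LOG = r"""
2005-01-23, 17:27:11, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM": Access is denied.
2005-01-23, 18:20:45, Files Detected:
C:\WINDOWS\system32\ms0b920b.dll [TROJ_HOLAX.A]
1 files containing viruses.
Success Clean [ TROJ_HOLAX.A]( 1) from C:\WINDOWS\system32\ms0b920b.dll
"""

# Constructed System32 listing (illustration only): the DLL is already gone,
# the companion files remain, and ms00ff00.dll is an unrelated name-only match.
SAMPLE_LISTING = [
    "kernel32.dll", "msacm32.dll", "MSVCRT.DLL",
    "ms0b920b.cfg", "MS0B920B.DA0", "ms00ff00.dll",
]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG, SAMPLE_LISTING):
        print(row)
    for stem, exts in sorted(group_by_stem(SAMPLE_LISTING).items()):
        print(stem, sorted(exts), confidence(exts))
```

A name-only match is no more than a prompt to look closer; the scanner detection and the companion files are what tie a file to the pattern described in the quote.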
How about doing a restore back to a time that you consider to be when your PC was doing well? But not too far that you lose any information or programs that you may need.
Then hit msconfig for a normal startup, reboot and post another log.
Originally Posted by chound
This is very effective:
Run msconfig;
uncheck all the startup items
uncheck all the services
Restart
Run your anti virus software. The trojan will get defeated.
(You can't delete the trojan since it is running.)
run msconfig again and check the startup and service items which you require.
Fallen Heroes Song ,
http://www.youtube.com/watch?v=-RfXBB0BRHY
Going with the Flow ,but the water is low and the rocks are big
I wouldn't advise it myself. Though I have never actually tried it, or heard of it being tried.
If you can locate those files geezer, then delete them.
Me off to bed now. Back up and at it in another 7 hours.
I'm on my lunch at the minute so I can't really do much... Anyway the jury seems to be out on how to get rid of this beastie...
I can't be the only one to get it can I? Can I? Please tell me I'm not the only one
:cry:
Every time I think I'm doing something smart, I out-stupid myself...
I'll delete all the files in the eScan log. I hope I haven't banjaxed everything by doing a system restore when some of the system restore files are infected...
G'night Crunchie. Sweet dreams... Do you guys see HJT logs when you're drifting off to sleep?
Thank you and goodbye!