Originally Posted by mcfox

Nope. Changing IP address won't make any difference.

I completely understand your reluctance to go for the reformat option. It isn't pretty when you have an enormous amount of data.

The examples I gave aren't horror stories by any means. They happen all the time, usually to people who are willing to download and run stuff that is from a dubious sources. It's the easiest way to infect a computer. Bait someone with an enticing morsel such as a game in your case, a music file, 'free' expensive software that has been cracked, a keygen, serials database or crack files for popular paid software; the list is endless.

The infected machine then starts scanning for vulnerable machines and if it finds any, will attempt to infect them. That's how zombie-pc networks are created.

I'm not having a dig at you for downloading the game, simply explaining how the general process works. It may be that you captured the nasty stuff before it could do much and you have managed to eradicate everything by editing the registry and taking care of the dll's.

Other than going for a 'clean machine', all you can do is keep an eye on your system for any strange behaviour, unexpected slow-downs or other tell-tale signals.

I didn't take you post in any negative way, all of what your saying I do know to be true. I also don't dl a lot of free software (very little in fact) but I got bitten from an unlikely source, usually this place is pretty clean and I'm still amazed a file like that even existed in their db.

I once went through 2 weeks of re-formatt/re-install due to a nasty virus hidden in an unlikely source that wouldn't initiate until I launched the program. I do know what it's like to be hit hard as I lost tons of data in the process, it sucked. I ended up re-installing the OS 4 times over two drives because I kept transferring the virus from one drive to the next without knowing it. BTW, all scans (home and online) produced no virus in the infected file (how do you like that?).

I never did fully recover from that nightmare so the moment I got anything funny on my system I took care of it right away. I feel very confident that it's gone but I'm not really taking any chances at the moment. I actually have been sleeping in the living room because when my hard drives start spinning they wake me up (believe it or not). I've enabled, disabled and changed times for my daily virus check just to ensure the disk starts spinning when it's supposed to and at no other time. I also have a software firewall, a hardware firewall and disabled active X.

Whenever I get hit with something such as this (which is very rarely) I do keep an eye on my rig. I do get spyware because my buddies always give me links to everything and I sometimes click, sometimes don't. I also do a lot of surfing online and end up on sites with all kinds of "less than professional" advertising techniques. Just take a look at many of the gaming sites, browse 10 of them and you'll get 5 instances of spyware, it's a joke. This has become common place for me and I'm used to dealing with it.

Man, I've been there too. Stuck between a rock and a hard place. Usually takes me a week to get up and running if I do a reformat of the HD.

If you know your system inside and out; msconfig, the registry, running processes, etc., then you can monitor any changes by checking them manually. If something mysteriously appears you pick it up right away and can purge it from your system. Sounds as if you are pretty much on top of that although you can never have too many resources, right?
Try here for a comprehensive listing of processes running under windows: http://www.processlibrary.com/

I'm guessing you already have Adaware and Spybot Search & Destroy already on your system. If you don't, then you should probably give them a whirl.

Am I correct in thinking you are using Internet Explorer for general surfing? Not usually a great idea except on completely trusted sites.

Have you tried Firefox? It rocks. The tabbed browsing is brilliant and something you never want to let go of once you have it, plus there are loads of extensions you can add to increase functionality.

Again I have to thank you for your help in this matter, it's been really great!

I do have Spybot, Ad-Aware, and Spyware Blaster. The three most used Run files for me are msconfig, regedit and cmd, it's like that for a reason. If I have spyware that poses a severe threat, I'll likely check out the registry at that location just to see what it is I'm dealing with. It also helps should I run into another file similar to the malicious one in my registry.

I Ctrl+Alt+Delete quite often as I do game and like to make sure there's a minimum of Ken processes running. In the few cases that I see background apps that I don't recognize, I hunt them down and nuke them. At any time I do have a minimum of 21 processes running but ATI uses a few of them as does Creative for my Audigy 2 and LWEMon.exe for my Logitech gaming devices.

I do have Firefox but I'm not the biggest of fans of the software. I usually use it for downloading files because it's more dependable than IE for some reason but I'm not a big fan of how long it can take to load images on pages that I've already visited that, I believe, should already be in it's cache. I like surfing and having images, blocks, modules to load instantly (or as close as possible) and I find IE to be better at that.

Maybe I'll spend a bit more time with Firefox and see if it grows on me. I do also have the latest version, I upgraded late last week I think.

Thanks again.