alternate database for malicious registry keys

[DarthCrucias]

i am working on repairing my boss's son's computer, which has contracted the smitfraud virus. i have found a guide to repair it (http://www.pchell.com/support/smitfraud.shtml), so i am not asking for help repairing it. the only thing i need to know is this:

the hijackthis list of registries i acquired from the infected computer is not completely covered in the hijackthis online database. there are 5-10 registry entries that i have no information on. if anyone knows of another database i can use (perferably free) to crosscheck them, or if someone here could let me know (i will post them at the end of the post) i would be greatly appreciative. thank you all in advance for this service you provide.

O4 - HKCU\..\RunOnce: [SpybotDeletingB950] command /c del "C:\Program Files\GetPack\GetPack24.e xe"

O4 - HKCU\..\RunOnce: [SpybotDeletingD3461] cmd /c del "C:\Program Files\GetPack\GetPack24.e xe"O4 - HKCU\..\RunOnce: [SpybotDeletingB2371] command /c del "C:\Program Files\Mjcore\Mjcore.dll"

O4 - HKCU\..\RunOnce: [SpybotDeletingD5422] cmd /c del "C:\Program Files\Mjcore\Mjcore.dll"

O4 - HKCU\..\RunOnce: [SpybotDeletingB8839] command /c del "C:\Program Files\GetPack\trgtame.gz"

O4 - HKCU\..\RunOnce: [SpybotDeletingD5604] cmd /c del "C:\Program Files\GetPack\trgtame.gz"

O4 - HKCU\..\RunOnce: [SpybotDeletingB753] command /c del "C:\WINDOWS\system32\flxm ajpv.dll_old"

O4 - HKCU\..\RunOnce: [SpybotDeletingD4901] cmd /c del "C:\WINDOWS\system32\flxm ajpv.dll_old"

O20 - AppInit_DLLs: c:\windows\system32\ziluy uda.dll,c:\windows\system 32\yiyagefi.dll,c:\window s\sys tem32\pivetupa.dll,C:\WIN DOWS\system32\jatipife.dl l,c:\windows\system32\jay oriji .dll,ysjvgq.dll,erlwgk.dl l,njarsb.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)

O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - (no file)

[DarthCrucias]

bump..

[tetonbob]

Hi -

This is not a discussion area. This is a section for malware removal assistance.

If you're asking for our help in this section of the forum...

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a

Quote:

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

After running through all the steps, you shall have a proper set of logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

[tetonbob]

Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help