Possible threat


Oblivionzz
02-16-2007, 09:07 AM
I have had a few problems with my keyboard which I managed to solve:
http://www.pcguide.com/vb/showthread.php?p=333525#post333525

However, I am afraid my computer security is compromised, firstly because that worm got in and secondly because of the black screen after the desktop loads. I have NOD32 and Sygate firewall, and I thought it was enough. What should I do to make sure everything is in order?

Budfred
02-16-2007, 09:15 AM
I see that you already posted a HJT log in the previous thread and there does not appear to be an infection there, but there are other scans you can run to get a better idea.... Try these:

* Click here (http://support.f-secure.com/enu/home/ols.shtml) to use the F-Secure Online Scanner.
* Then click the Start Scanning button below.
* You should get a notification (bar on top) to install the ActiveX. Click on it and select to install the ActiveX.
* Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
* In case you are having problems with installing the ActiveX/starting the scan, please read here (http://support.f-secure.com/enu/home/ols-faq.shtml).
* Click the Full System Scan button.
* It will start to download scanner components and databases. This can take a while.
* The main scan will start.
* Once the scan has finished, click the Automatic cleaning (recommended) button.
* It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
* The cleaning can take a while, so please be patient.
* Then click the Show report button and copy and paste what's present under results in your next reply.


And AVG AntiSpyware (Ewido)...

Please download, install, and update Ewido anti-spyware (http://www.ewido.net/en/download/).

Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.

After the update finishes (the status bar at the bottom will display "Update successful"), close Ewido. Do not run it yet.

Please reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.

In Safe Mode, load Ewido and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.

Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.

Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Restart back into Normal Mode.

Please post back with a copy of the Ewido log and the F-Secure log.

Oblivionzz
02-19-2007, 12:16 PM
F-Secure report

Result: 3 malware found
Tracking Cookie (spyware)

* System (Disinfected)
* System
* System

Ewido Report (sorry for it being in Portuguese)

---------------------------------------------------------
AVG Anti-Spyware - Relatório de verificação
---------------------------------------------------------

+ Criação: 16:08:25 19-02-2007

+ Resultado da verificação:



:mozilla.185:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Adbrite : Limpo.
:mozilla.186:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Adbrite : Limpo.
:mozilla.187:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Adbrite : Limpo.
C:\Documents and Settings\luis\Cookies\luis@adbrite[2].txt -> TrackingCookie.Adbrite : Limpo.
:mozilla.52:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Atdmt : Limpo.
:mozilla.378:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Clickbank : Limpo.
:mozilla.287:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Clickhype : Limpo.
:mozilla.288:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Clickhype : Limpo.
C:\Documents and Settings\luis\Cookies\luis@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Limpo.
:mozilla.68:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Euroclick : Limpo.
:mozilla.69:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Euroclick : Limpo.
:mozilla.70:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Euroclick : Limpo.
:mozilla.71:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Euroclick : Limpo.
:mozilla.78:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Falkag : Limpo.
:mozilla.79:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Falkag : Limpo.
:mozilla.80:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Falkag : Limpo.
:mozilla.81:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Falkag : Limpo.
:mozilla.82:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Falkag : Limpo.
:mozilla.17:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Fastclick : Limpo.
:mozilla.18:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Fastclick : Limpo.
:mozilla.230:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.231:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.232:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.233:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.234:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.235:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.236:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.237:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Gamershell : Limpo.
:mozilla.121:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Googleadservices : Limpo.
:mozilla.13:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Googleadservices : Limpo.
:mozilla.178:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Googleadservices : Limpo.
:mozilla.270:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Googleadservices : Limpo.
:mozilla.303:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Googleadservices : Limpo.
:mozilla.83:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Hitbox : Limpo.
:mozilla.84:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Hitbox : Limpo.
:mozilla.85:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Hitbox : Limpo.
:mozilla.216:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Information : Limpo.
:mozilla.521:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Masterstats : Limpo.
:mozilla.72:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Smartadserver : Limpo.
:mozilla.73:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Smartadserver : Limpo.
:mozilla.74:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Smartadserver : Limpo.
:mozilla.255:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Tacoda : Limpo.
:mozilla.256:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Tacoda : Limpo.
:mozilla.16:C:\Documents and Settings\NetworkService\Application Data\Mozilla\Firefox\Profiles\w8kosuj4.default\cookies.txt -> TrackingCookie.Tribalfusion : Limpo.
:mozilla.361:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Web-stat : Limpo.
:mozilla.362:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Web-stat : Limpo.
:mozilla.50:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Webtrendslive : Limpo.
C:\Documents and Settings\luis\Ambiente de trabalho\DLs\Sygate Personal Firewall v5.6.3408 + Keygen.ROR\pspfb3408_Debug.exe/UD.exe -> Trojan.Pakes : Limpo com backup (em quarentena).
C:\System Volume Information\_restore{C078142B-90C4-4B47-ADDE-1A33EC50A28D}\RP174\A0056912.exe -> Trojan.Pakes : Limpo com backup (em quarentena).
C:\WINDOWS\system32\dl32_exe.vir -> Trojan.Pakes : Limpo com backup (em quarentena).


::Fim do relatório
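A small triage parser for report lines in the shape quoted above, added here as an example (it is not part of the thread and not AVG/Ewido's own code): it separates tracking-cookie noise from the quarantined trojan entries and flags copies that sit in a System Restore point. The sample lines are constructed in that shape with a placeholder restore-point GUID, and the Portuguese-to-English verdict mapping is my assumption.

```python
import re
from collections import Counter

# Constructed sample in the shape of the pasted report (not the real log).
SAMPLE_REPORT = r"""
+ Resultado da verificação:

:mozilla.185:C:\Documents and Settings\luis\Application Data\Mozilla\Firefox\Profiles\3siedobs.default\cookies.txt -> TrackingCookie.Adbrite : Limpo.
C:\Documents and Settings\luis\Cookies\luis@adbrite[2].txt -> TrackingCookie.Adbrite : Limpo.
C:\System Volume Information\_restore{GUID-PLACEHOLDER}\RP174\A0056912.exe -> Trojan.Pakes : Limpo com backup (em quarentena).
C:\WINDOWS\system32\dl32_exe.vir -> Trojan.Pakes : Limpo com backup (em quarentena).

::Fim do relatório
"""

# One detection line: optional ":mozilla.N:" cookie index, path, " -> ",
# detection name, " : ", verdict, trailing period.
LINE_RE = re.compile(
    r"^(?::mozilla\.(?P<idx>\d+):)?(?P<path>.+?) -> (?P<threat>\S+) : (?P<verdict>.+?)\.?$"
)

# Assumed translations of the two verdicts seen in the thread; anything else
# is passed through untouched.
VERDICTS = {
    "Limpo": "cleaned",
    "Limpo com backup (em quarentena)": "cleaned, backup quarantined",
}

def parse_report(text):
    """Return one dict per detection line; header and footer lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        findings.append({
            "path": m.group("path"),
            "threat": m.group("threat"),
            "family": m.group("threat").split(".", 1)[0],  # e.g. "Trojan"
            "verdict": VERDICTS.get(m.group("verdict"), m.group("verdict")),
            "cookie_index": m.group("idx"),
        })
    return findings

def summarize(text=SAMPLE_REPORT):
    """Count detections per family and single out the non-cookie hits."""
    findings = parse_report(text)
    malware = [f for f in findings if f["family"] != "TrackingCookie"]
    # A hit under System Volume Information means a restore point still holds
    # a copy of the file, which is worth knowing before trusting System Restore.
    notes = ["restore point copy: " + f["path"] for f in malware
             if "\\System Volume Information\\" in f["path"]]
    return {"counts": Counter(f["family"] for f in findings),
            "malware": malware, "notes": notes}
```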

Budfred
02-19-2007, 09:19 PM
How is your system running?? Are you having any problems that might indicate a continuing infection?? We can do more scans if needed, but it may already be clean...

Oblivionzz
02-20-2007, 11:36 AM
I still have the black screen after the desktop loads for the first time in the day (now it happens the first two times, meaning I have to reset twice). Could it be a graphics driver issue or maybe some software that was affected by the trojan?

Budfred
02-20-2007, 08:12 PM
I would certainly look in Device Manager to see if there are any clues about problems with the video and maybe try reinstalling the drivers... If it is a malware problem, it isn't clear what and it is not a symptom that I have heard of... If checking the drivers doesn't work, you might want to start a new thread in Multimedia...

Oblivionzz
02-21-2007, 04:41 PM
I have reinstalled the video drivers and no results. The black screens also happen when I turn off the monitor for, let's say, an hour; then when I turn it back on, I see the image for about 1 second, then the screen goes black. Reset ...

Sylvander
02-21-2007, 05:24 PM
1. Does it happen if you run in safe mode?
a. If no, it's only happening in Windows full mode, so it's related to the extras that run in full mode.
b. If yes, it's happening in both Windows environments, so it's fundamental to Windows.

2. Or, if yes to 1 above, if you run Knoppix from a Knoppix Linux Live CD (http://www.knoppix.org/)?
a. If yes here, it's a hardware/BIOS problem.
b. If no here, it's a Windows environment problem.

Oblivionzz
02-24-2007, 04:52 PM
[222] Inbound DCE BIND to potentially vulnerable RPC DCOM interface attempt detected

I get this on my firewall, what does it mean?

Budfred
02-24-2007, 07:21 PM
No idea, but if you are really curious either Google it or try the knowledge base for your firewall...