Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on! (RESOLVED)

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on! (RESOLVED)

Reply
Page 1 of 3 1 23
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 06-05-2006, 09:21 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on! (RESOLVED)
Hello again,
Thank you again for helping me with my computer. But now im at my sisters computer after I told her how you helped me at my girls house, and oh boy!!!! Her's is MESSED UP!! I couldnt even get on the internet to get here without first going into safe mode and running a couple of hackthis sessions 5 to be exact, I also ran 1 kasperspy and 1 ewido. but i will list those in new post after i tell you what i did first. . And even typing this to you is still very hard because there are constant pop-ups that are hard to close down like this url right here ___http://www.ad-w-a-r-e.com/cgi-bin/PopupV2A?type=masked&region=homes/newhouseregion.rgn&flash=homes/newHouse.swf&keyword=homes___.I ran in safe mode hackthis once to see if there was anything immediately recognizable to me that i could delete. and saved 4 log files, the first one is before any changes the 2nd log is just to see what actually deleted on the 1st fix. then i saw that some that i recognized didn't delete so i checked them off again and tried to delete them and saved another log file being the 3rd. Then i tried running the smitfraud or smitrem and the atf cleaner then i ran a hijackthis to see if anything had dissapeared and saved another being the 4th, to get them, off all while in safe mode.. Now I go out of safe mode and I run ewido and tried to delete them and saved a log file of that. After which I run the kaspersky online and save that log file and a new hijackthis being the 5th hijack log so that now I can update you on whats on the computer right now, but 1st im going to post the very 1st hijackthis log to show you what i came into on this computer then i will post the rest of the log files in their chronological order so that you may best help me and everyone is able to understand what all these logs are, but here it goes the 1st hijack this:

Logfile of HijackThis v1.99.1
Scan saved at 11:12:40 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\nccqf.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,xwiuqkw. exe
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O2 - BHO: RieMon Class - {70F6A776-579A-4C95-BA88-134253907752} - C:\WINDOWS\system32\irsmpqen.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB57.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys0260036125-4] C:\WINDOWS\sys0260036125-4.exe
O4 - HKLM\..\Run: [w00d223e.dll] RUNDLL32.EXE w00d223e.dll,I2 000a3e2d000d223e
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\rwinkqaf.exe FI002
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [Aqamq] C:\Program Files\Plodhv\Dlhkurz.exe
O4 - HKLM\..\Run: [pntgmc] C:\WINDOWS\system32\pntgmc.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [dugjvc] C:\WINDOWS\system32\dugjvc.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [irssyncd] C:\WINDOWS\system32\irssyncd.exe
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\rwinkqaf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.traffic-advance.net/1054722.exe
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seek...d63afe00899bbe
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/...l/gtdownde.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://deposito.hostance.net/dialer/3953-23.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{39EA928E-1E5F-425B-BC55-456303C67DB7}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{846C01AB-6A40-4A5E-A2BE-B10CA2D03381}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS1\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS2\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS3\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

Thank you again for taking the time to review my problems. I appriciate very much what this site is about and what it does for us less fortunate in knowledge. And im positive my sister will be very appriciative when she 's all done with getting these viruses off her computer!
Once again thank you very much, I will now post the rest of the log files in chronological order and then tell you the last two which are the hackthis and kaspersky that are the most recent and ask you what i should do from there. Thank you....!!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 06-05-2006, 09:28 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Ok here goes Hackthis logfile 2 the clean after the first fix:

Logfile of HijackThis v1.99.1
Scan saved at 11:23:42 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\nccqf.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,xwiuqkw. exe
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys0260036125-4] C:\WINDOWS\sys0260036125-4.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

and the next after i noticed that it didn't delete a few things. :

Logfile of HijackThis v1.99.1
Scan saved at 11:28:29 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 06-05-2006, 09:36 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Then I ran the other programs like atf cleaner and smitfraud and smitrem and then i ran the ewido progam and saved a log file so here it goes:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:42:27 PM, 5/6/2006
+ Report-Checksum: 9E13A9EC

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CLSID -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CurVer -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog.1 -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{C5AF2622-8C75-4dfb-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Netstat -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\DyFuCA -> Adware.MoneyTree : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Kapabout -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Rotue -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SysProtect -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\webhancer -> Adware.WebHancer : Cleaned without backup
HKLM\SOFTWARE\webhancer\CC -> Adware.WebHancer : Cleaned without backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Ext\Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{55BE9F0D-6CAF-4C3E-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Poli cies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SysProtect -> Adware.SysProtect : Cleaned without backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
[1588] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[1184] VM_003E0000 -> Downloader.Agent.uj : Error during cleaning
[1348] VM_00A70000 -> Downloader.Agent.uj : Error during cleaning
[1392] VM_00B70000 -> Downloader.Agent.uj : Error during cleaning
[1144] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[992] VM_00BF0000 -> Downloader.Agent.uj : Error during cleaning
[2080] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[2152] VM_003A0000 -> Downloader.Agent.uj : Error during cleaning
[2172] VM_01190000 -> Downloader.Agent.uj : Error during cleaning
[2208] C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
[2256] VM_00330000 -> Downloader.Agent.uj : Error during cleaning
[2372] C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
[2440] C:\Program Files\Internet Optimizer\optimize.exe -> Downloader.Dyfuca.ei : Cleaned without backup
[2484] C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
[2520] C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
[3004] VM_00A50000 -> Downloader.Agent.uj : Error during cleaning
[3080] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[3368] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
C:\ac2_0003.exe -> Downloader.Small.cpu : Cleaned without backup
C:\dist13.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\Cache\ 71F545FEd01 -> Trojan.Fakealert : Cleaned without backup
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Atdmt : Cleaned without backup
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.61:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.64:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.66:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.68:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Paycounter : Cleaned without backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Cpvfeed : Cleaned without backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.151:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.152:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.153:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.155:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.161:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.162:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Bluestreak : Cleaned without backup
:mozilla.168:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.169:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.175:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.176:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.184:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Mediaplex : Cleaned without backup
:mozilla.189:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.190:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.191:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.192:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.193:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.199:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.200:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.201:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.206:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.207:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.208:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.209:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@adver tising[1].txt -> TrackingCookie.Advertising : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@cpvfe ed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@doubl eclick[1].txt -> TrackingCookie.Doubleclick : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@stats 1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[1].txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-305.dll -> Adware.SafeSurfing : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112032-695.dll -> Adware.Mirar : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CT9F2V8J\WinFixer2006FreeInstall[1].cab/UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PX72U6MM\installerwnus[1].exe -> Downloader.Qoologic.at : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@server.iad.li veperson[2].txt -> TrackingCookie.Liveperson : Cleaned without backup
C:\drsmartload1.exe -> Downloader.VB.aad : Cleaned without backup
C:\drsmartload45a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\drsmartload46a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\ForeThought.exe -> Adware.MDH : Cleaned without backup
C:\Installer.exe -> Adware.Look2Me : Cleaned without backup
C:\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\LottoFun.exe -> Dropper.Agent.hl : Cleaned without backup
C:\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\NNSCAA638.EXE -> Adware.NewDotNet : Cleaned without backup
C:\Program Files\Cas2Stub\cas2stub.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\optimize.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update\rogue.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned without backup
C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : Cleaned without backup
C:\Program Files\Plodhv\Dlhkurz.exe -> Trojan.Small.cy : Cleaned without backup
C:\Program Files\System Files\plugin.dll -> Adware.CASClient : Cleaned without backup
C:\Program Files\System Files\System.exe -> Adware.CASClient : Cleaned without backup
C:\Program Files\Windows Plus\auxe.exe -> Downloader.Small.ajc : Cleaned without backup
C:\Program Files\Windows Plus\hove.dll -> Downloader.Small.ctp : Cleaned without backup
C:\Program Files\winupdates\a.tmp -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
C:\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP24\A0006018.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP28\A0007279.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP37\A0012161.exe -> Trojan.Fakealert : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP38\A0012513.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP42\A0014945.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0015973.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP53\A0024969.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0029238.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031217.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031241.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031242.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031243.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031244.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031247.exe -> Trojan.LowZones.am : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031295.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031326.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031327.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031328.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033786.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033787.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033788.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033834.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033835.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033836.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033908.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0039870.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0040936.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042035.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042036.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042037.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042296.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042297.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042298.exe -> Adware.Enbrow : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042299.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042300.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042311.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042333.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042336.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042337.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042338.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042348.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042393.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042404.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042410.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042426.dll -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042427.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042445.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043436.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045470.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046461.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046475.exe -> Hijacker.VB.ij : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046476.exe -> Downloader.VB.nw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047460.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048462.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048478.dll -> Downloader.Small.ctp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048479.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048480.exe -> Downloader.Small.ajc : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049468.exe -> Adware.Adstart : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049471.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050459.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051464.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051465.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051477.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051485.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051486.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051489.exe -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051491.exe -> Downloader.TSUpdate.n : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051492.exe -> Downloader.TSUpdate.p : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051493.exe -> Downloader.TSUpdate.l : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051494.exe -> Downloader.TSUpdate.f : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051495.dll -> Adware.TargetServer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051502.dll -> Downloader.Dyfuca.dt : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051504.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051505.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051506.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051511.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051512.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051513.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051514.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051518.dll -> Downloader.Dyfuca : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051519.dll -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051520.exe -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051521.exe -> Downloader.PurityScan.be : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051552.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051554.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051557.dll -> Downloader.Agent.agw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051558.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051559.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051560.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051561.dll -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051563.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051564.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051565.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051579.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051585.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051590.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051606.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051608.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051613.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051650.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051657.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051659.dll -> Adware.Mirar : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051663.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051669.dll -> Adware.Look2Me : Cleaned without backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WHCC2.exe/whAgent.exe -> Adware.WebHancer : Cleaned without backup
C:\WINDOWS\876057.exe -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\ac2_0002.exe -> Downloader.Small.cpu : Cleaned without backup
C:\WINDOWS\DH.dll -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\DH.dll_ -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\1054722.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Adware.180Solutions : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.13\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.14\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.15\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.16\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.17\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.18\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.19\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.20\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.21\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.22\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.23\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.24\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N69M1703NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M2004NetInstaller.exe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\elitemediapop.exe -> Trojan.LowZones.am : Cleaned without backup
C:\WINDOWS\eliteunstall.exe -> Adware.EliteMedia : Cleaned without backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\WINDOWS\keyboard15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\WINDOWS\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\mousepad15.exe -> Hijacker.VB.mo : Cleaned without backup
C:\WINDOWS\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\WINDOWS\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\newname15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\WINDOWS\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\pf79.exe -> Downloader.Dyfuca.ei : Cleaned without backup
C:\WINDOWS\Q2Vl\asappsrv.dll -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\Q2Vl\command.exe -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\qoojfey.exe -> Hijacker.VB.ij : Cleaned without backup
C:\WINDOWS\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\WINDOWS\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\WINDOWS\sys0260036125-4.exe -> Adware.Enbrow : Cleaned without backup
C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\system32\ad.html -> Hijacker.Agent.e : Cleaned without backup
C:\WINDOWS\system32\aza6l7ds1.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\system32\copbk32.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dEd8thk.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dflayx.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dugjv.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dwcpmon.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dwdsregt.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\explorer.exe -> Downloader.Small.cts : Cleaned without backup
C:\WINDOWS\system32\fplm0331e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hfiwyck.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hhiteaj.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hiijyba.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hjiteel.sys -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hqidyfc.vxd -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hr0605dse.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hrifygf.dll -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\ikmpagnt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\irismon.dll -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\irssyncd.exe -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\kedlt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\kt0sl7d71.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\l2l6lc3s1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\lv0o09d3e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mv6ml9j11.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mwinpqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\nkshrui.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\nseE.dll -> Adware.EZula : Cleaned without backup
C:\WINDOWS\system32\pfofmap.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\pjdsregp.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\pntgm.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\q0rqla951d.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\q4860elsehq60.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\r2p8lc7u1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\rwinkqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\ssqpo.dll -> Adware.Virtumonde : Cleaned without backup
C:\WINDOWS\system32\s_install_ID8.exe -> Downloader.Small.aav : Cleaned without backup
C:\WINDOWS\system32\unpack.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\w00d223e.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\w0e3bfd5.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\weadmoe.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\WinDmy.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Cleaned without backup
C:\WINDOWS\system32\WinNB57.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\temp\bw2.com -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\unwn.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WINDOWS\wallpap.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\WINDOWS\wnu_179.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\ZIFI002.exe -> Adware.ZenoSearch : Cleaned without backup
C:\ZICORN004.exe -> Adware.ZenoSearch : Cleaned without backup


::Report End
After which I ran the Kaspersky online and did thre reports. . the kaspersky and 2 hijackthis logs; 1 to see what was on the computer left and one right before i began to type in to so the log would be the most up to date.

So here is the Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, May 06, 2006 2:00:47 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/05/2006
Kaspersky Anti-Virus database records: 192114
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 43029
Number of viruses found: 68
Number of infected objects: 234
Number of suspicious objects: 0
Duration of the scan process: 00:29:24

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-788.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112642-759.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-113055-239.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\nsw4.tmp\KillProcDLL.dll Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\Program Files\RGB\GalleryPlayer_small.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe NSIS: infected - 3 skipped
C:\sk02.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\sk02.exe NSIS: infected - 1 skipped
C:\SnowballWarsInstaller.exe/data0006 Infected: Trojan-Downloader.Win32.PurityScan.cf skipped
C:\SnowballWarsInstaller.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe/data0007 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042307.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042347.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042392.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042441.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043447.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047471.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051461.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051462.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe CAB: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051604.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051678.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051684.exe Infected: P2P-Worm.Win32.VB.dw skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051685.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051686.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051687.exe Infected: Worm.Win32.VB.an skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051688.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051689.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051690.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.z skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051691.dll Infected: not-a-virus:AdWare.Win32.Mirar.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051692.exe Infected: Trojan-Downloader.Win32.VB.aad skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051693.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051694.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051695.exe Infected: not-a-virus:AdWare.Win32.MDH.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051696.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051697.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051698.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051699.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051700.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051701.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051702.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051703.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051704.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051705.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051706.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051707.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051708.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051709.exe Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051710.exe Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051711.dll Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051712.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051713.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051714.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe RarSFX: infected - 5 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051716.exe Infected: not-a-virus:AdWare.Win32.Mirar.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051717.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051718.dll Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051719.exe Infected: Trojan.Win32.LowZones.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051721.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051722.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051723.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051724.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051725.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051726.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051727.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051728.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051729.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051730.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051731.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051732.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051733.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051734.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051735.exe Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051736.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051737.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051738.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051740.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051741.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051742.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051743.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051744.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051745.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051746.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051747.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051748.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051749.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051750.exe Infected: Trojan-Downloader.Win32.Small.cts skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051751.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051752.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051753.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051754.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051755.sys Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051756.vxd Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051757.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051758.dll Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051759.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051760.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051761.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051762.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051763.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051764.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051765.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051766.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051768.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051769.dll Infected: not-a-virus:AdWare.Win32.EZula.bn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051770.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051771.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051772.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051773.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051774.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051775.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051776.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051777.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051778.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051780.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051781.exe Infected: Trojan-Downloader.Win32.Small.aav skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051782.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051783.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051784.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051785.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051786.dll Infected: not-a-virus:AdWare.Win32.Mirar.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051787.exe Infected: Backdoor.Win32.EggDrop.v skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051788.dll Infected: not-a-virus:AdWare.Win32.Mirar.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051789.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051790.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051791.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051792.exe Infected: Trojan-Clicker.Win32.Agent.gp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051793.exe Infected: Trojan-Downloader.Win32.Qoologic.c skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051794.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051795.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051797.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051798.exe Infected: not-a-virus:Monitor.Win32.NetMon.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051799.dll Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051801.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051808.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051812.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051819.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\VSL02.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\VSL02.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\VSL02.exe NSIS: infected - 2 skipped
C:\WINDOWS\DHU.exe/data0001 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\WINDOWS\DHU.exe NSIS: infected - 1 skipped
C:\WINDOWS\icont.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\justin2a.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe NSIS: infected - 2 skipped
C:\WINDOWS\pf78.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\WINDOWS\pf78.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe NSIS: infected - 4 skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0008 Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe/stream Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe NSIS: infected - 5 skipped
C:\WINDOWS\system32\jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\WINDOWS\temp\bw2.com Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\WPRE.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\WINDOWS\WPRE.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\WINDOWS\WPRE.exe NSIS: infected - 2 skipped
C:\WINDOWS\YOINSI.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\WINDOWS\YOINSI.exe NSIS: infected - 1 skipped

Scan process completed.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 06-05-2006, 09:37 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Then I ran the other programs like atf cleaner and smitfraud and smitrem and then i ran the ewido progam and saved a log file so here it goes:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:42:27 PM, 5/6/2006
+ Report-Checksum: 9E13A9EC

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CLSID -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CurVer -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog.1 -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{C5AF2622-8C75-4dfb-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Netstat -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\DyFuCA -> Adware.MoneyTree : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Kapabout -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Rotue -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SysProtect -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\webhancer -> Adware.WebHancer : Cleaned without backup
HKLM\SOFTWARE\webhancer\CC -> Adware.WebHancer : Cleaned without backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Ext\Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{55BE9F0D-6CAF-4C3E-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Poli cies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SysProtect -> Adware.SysProtect : Cleaned without backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
[1588] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[1184] VM_003E0000 -> Downloader.Agent.uj : Error during cleaning
[1348] VM_00A70000 -> Downloader.Agent.uj : Error during cleaning
[1392] VM_00B70000 -> Downloader.Agent.uj : Error during cleaning
[1144] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[992] VM_00BF0000 -> Downloader.Agent.uj : Error during cleaning
[2080] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[2152] VM_003A0000 -> Downloader.Agent.uj : Error during cleaning
[2172] VM_01190000 -> Downloader.Agent.uj : Error during cleaning
[2208] C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
[2256] VM_00330000 -> Downloader.Agent.uj : Error during cleaning
[2372] C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
[2440] C:\Program Files\Internet Optimizer\optimize.exe -> Downloader.Dyfuca.ei : Cleaned without backup
[2484] C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
[2520] C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
[3004] VM_00A50000 -> Downloader.Agent.uj : Error during cleaning
[3080] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[3368] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
C:\ac2_0003.exe -> Downloader.Small.cpu : Cleaned without backup
C:\dist13.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\Cache\ 71F545FEd01 -> Trojan.Fakealert : Cleaned without backup
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Atdmt : Cleaned without backup
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.61:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.64:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.66:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.68:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Paycounter : Cleaned without backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Cpvfeed : Cleaned without backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.151:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.152:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.153:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.155:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.161:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.162:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Bluestreak : Cleaned without backup
:mozilla.168:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.169:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.175:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.176:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.184:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Mediaplex : Cleaned without backup
:mozilla.189:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.190:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.191:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.192:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.193:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.199:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.200:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.201:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.206:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.207:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.208:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.209:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@adver tising[1].txt -> TrackingCookie.Advertising : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@cpvfe ed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@doubl eclick[1].txt -> TrackingCookie.Doubleclick : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@stats 1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[1].txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-305.dll -> Adware.SafeSurfing : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112032-695.dll -> Adware.Mirar : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CT9F2V8J\WinFixer2006FreeInstall[1].cab/UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PX72U6MM\installerwnus[1].exe -> Downloader.Qoologic.at : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@server.iad.li veperson[2].txt -> TrackingCookie.Liveperson : Cleaned without backup
C:\drsmartload1.exe -> Downloader.VB.aad : Cleaned without backup
C:\drsmartload45a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\drsmartload46a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\ForeThought.exe -> Adware.MDH : Cleaned without backup
C:\Installer.exe -> Adware.Look2Me : Cleaned without backup
C:\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\LottoFun.exe -> Dropper.Agent.hl : Cleaned without backup
C:\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\NNSCAA638.EXE -> Adware.NewDotNet : Cleaned without backup
C:\Program Files\Cas2Stub\cas2stub.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\optimize.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update\rogue.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned without backup
C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : Cleaned without backup
C:\Program Files\Plodhv\Dlhkurz.exe -> Trojan.Small.cy : Cleaned without backup
C:\Program Files\System Files\plugin.dll -> Adware.CASClient : Cleaned without backup
C:\Program Files\System Files\System.exe -> Adware.CASClient : Cleaned without backup
C:\Program Files\Windows Plus\auxe.exe -> Downloader.Small.ajc : Cleaned without backup
C:\Program Files\Windows Plus\hove.dll -> Downloader.Small.ctp : Cleaned without backup
C:\Program Files\winupdates\a.tmp -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
C:\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP24\A0006018.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP28\A0007279.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP37\A0012161.exe -> Trojan.Fakealert : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP38\A0012513.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP42\A0014945.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0015973.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP53\A0024969.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0029238.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031217.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031241.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031242.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031243.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031244.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031247.exe -> Trojan.LowZones.am : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031295.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031326.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031327.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031328.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033786.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033787.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033788.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033834.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033835.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033836.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033908.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0039870.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0040936.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042035.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042036.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042037.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042296.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042297.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042298.exe -> Adware.Enbrow : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042299.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042300.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042311.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042333.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042336.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042337.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042338.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042348.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042393.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042404.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042410.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042426.dll -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042427.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042445.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043436.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045470.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046461.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046475.exe -> Hijacker.VB.ij : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046476.exe -> Downloader.VB.nw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047460.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048462.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048478.dll -> Downloader.Small.ctp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048479.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048480.exe -> Downloader.Small.ajc : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049468.exe -> Adware.Adstart : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049471.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050459.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051464.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051465.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051477.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051485.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051486.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051489.exe -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051491.exe -> Downloader.TSUpdate.n : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051492.exe -> Downloader.TSUpdate.p : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051493.exe -> Downloader.TSUpdate.l : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051494.exe -> Downloader.TSUpdate.f : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051495.dll -> Adware.TargetServer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051502.dll -> Downloader.Dyfuca.dt : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051504.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051505.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051506.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051511.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051512.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051513.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051514.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051518.dll -> Downloader.Dyfuca : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051519.dll -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051520.exe -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051521.exe -> Downloader.PurityScan.be : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051552.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051554.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051557.dll -> Downloader.Agent.agw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051558.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051559.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051560.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051561.dll -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051563.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051564.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051565.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051579.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051585.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051590.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051606.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051608.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051613.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051650.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051657.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051659.dll -> Adware.Mirar : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051663.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051669.dll -> Adware.Look2Me : Cleaned without backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WHCC2.exe/whAgent.exe -> Adware.WebHancer : Cleaned without backup
C:\WINDOWS\876057.exe -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\ac2_0002.exe -> Downloader.Small.cpu : Cleaned without backup
C:\WINDOWS\DH.dll -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\DH.dll_ -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\1054722.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Adware.180Solutions : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.13\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.14\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.15\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.16\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.17\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.18\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.19\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.20\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.21\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.22\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.23\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.24\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N69M1703NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M2004NetInstaller.exe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\elitemediapop.exe -> Trojan.LowZones.am : Cleaned without backup
C:\WINDOWS\eliteunstall.exe -> Adware.EliteMedia : Cleaned without backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\WINDOWS\keyboard15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\WINDOWS\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\mousepad15.exe -> Hijacker.VB.mo : Cleaned without backup
C:\WINDOWS\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\WINDOWS\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\newname15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\WINDOWS\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\pf79.exe -> Downloader.Dyfuca.ei : Cleaned without backup
C:\WINDOWS\Q2Vl\asappsrv.dll -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\Q2Vl\command.exe -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\qoojfey.exe -> Hijacker.VB.ij : Cleaned without backup
C:\WINDOWS\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\WINDOWS\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\WINDOWS\sys0260036125-4.exe -> Adware.Enbrow : Cleaned without backup
C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\system32\ad.html -> Hijacker.Agent.e : Cleaned without backup
C:\WINDOWS\system32\aza6l7ds1.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\system32\copbk32.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dEd8thk.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dflayx.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dugjv.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dwcpmon.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dwdsregt.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\explorer.exe -> Downloader.Small.cts : Cleaned without backup
C:\WINDOWS\system32\fplm0331e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hfiwyck.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hhiteaj.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hiijyba.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hjiteel.sys -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hqidyfc.vxd -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hr0605dse.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hrifygf.dll -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\ikmpagnt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\irismon.dll -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\irssyncd.exe -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\kedlt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\kt0sl7d71.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\l2l6lc3s1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\lv0o09d3e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mv6ml9j11.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mwinpqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\nkshrui.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\nseE.dll -> Adware.EZula : Cleaned without backup
C:\WINDOWS\system32\pfofmap.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\pjdsregp.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\pntgm.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\q0rqla951d.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\q4860elsehq60.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\r2p8lc7u1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\rwinkqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\ssqpo.dll -> Adware.Virtumonde : Cleaned without backup
C:\WINDOWS\system32\s_install_ID8.exe -> Downloader.Small.aav : Cleaned without backup
C:\WINDOWS\system32\unpack.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\w00d223e.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\w0e3bfd5.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\weadmoe.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\WinDmy.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Cleaned without backup
C:\WINDOWS\system32\WinNB57.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\temp\bw2.com -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\unwn.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WINDOWS\wallpap.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\WINDOWS\wnu_179.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\ZIFI002.exe -> Adware.ZenoSearch : Cleaned without backup
C:\ZICORN004.exe -> Adware.ZenoSearch : Cleaned without backup


::Report End
After which I ran the Kaspersky online and did thre reports. . the kaspersky and 2 hijackthis logs; 1 to see what was on the computer left and one right before i began to type in to so the log would be the most up to date.

So here is the Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, May 06, 2006 2:00:47 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/05/2006
Kaspersky Anti-Virus database records: 192114
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 43029
Number of viruses found: 68
Number of infected objects: 234
Number of suspicious objects: 0
Duration of the scan process: 00:29:24

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-788.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112642-759.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-113055-239.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\nsw4.tmp\KillProcDLL.dll Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\Program Files\RGB\GalleryPlayer_small.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe NSIS: infected - 3 skipped
C:\sk02.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\sk02.exe NSIS: infected - 1 skipped
C:\SnowballWarsInstaller.exe/data0006 Infected: Trojan-Downloader.Win32.PurityScan.cf skipped
C:\SnowballWarsInstaller.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst Infected: not-a-virusownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe/data0007 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042307.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042347.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042392.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042441.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043447.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047471.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051461.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051462.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe CAB: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051604.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051678.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051684.exe Infected: P2P-Worm.Win32.VB.dw skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051685.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051686.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051687.exe Infected: Worm.Win32.VB.an skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051688.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051689.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051690.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.z skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051691.dll Infected: not-a-virus:AdWare.Win32.Mirar.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051692.exe Infected: Trojan-Downloader.Win32.VB.aad skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051693.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051694.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051695.exe Infected: not-a-virus:AdWare.Win32.MDH.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051696.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051697.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051698.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051699.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051700.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051701.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051702.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051703.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051704.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051705.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051706.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051707.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051708.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051709.exe Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051710.exe Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051711.dll Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051712.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051713.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051714.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe RarSFX: infected - 5 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051716.exe Infected: not-a-virus:AdWare.Win32.Mirar.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051717.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051718.dll Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051719.exe Infected: Trojan.Win32.LowZones.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051721.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051722.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051723.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051724.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051725.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051726.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051727.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051728.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051729.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051730.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051731.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051732.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051733.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051734.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051735.exe Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051736.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051737.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051738.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051740.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051741.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051742.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051743.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051744.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051745.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051746.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051747.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051748.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051749.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051750.exe Infected: Trojan-Downloader.Win32.Small.cts skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051751.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051752.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051753.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051754.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051755.sys Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051756.vxd Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051757.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051758.dll Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051759.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051760.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051761.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051762.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051763.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051764.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051765.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051766.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051768.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051769.dll Infected: not-a-virus:AdWare.Win32.EZula.bn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051770.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051771.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051772.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051773.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051774.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051775.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051776.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051777.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051778.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051780.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051781.exe Infected: Trojan-Downloader.Win32.Small.aav skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051782.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051783.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051784.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051785.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051786.dll Infected: not-a-virus:AdWare.Win32.Mirar.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051787.exe Infected: Backdoor.Win32.EggDrop.v skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051788.dll Infected: not-a-virus:AdWare.Win32.Mirar.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051789.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051790.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051791.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051792.exe Infected: Trojan-Clicker.Win32.Agent.gp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051793.exe Infected: Trojan-Downloader.Win32.Qoologic.c skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051794.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051795.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051797.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051798.exe Infected: not-a-virus:Monitor.Win32.NetMon.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051799.dll Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051801.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051808.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051812.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051819.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\VSL02.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\VSL02.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\VSL02.exe NSIS: infected - 2 skipped
C:\WINDOWS\DHU.exe/data0001 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\WINDOWS\DHU.exe NSIS: infected - 1 skipped
C:\WINDOWS\icont.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\justin2a.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe NSIS: infected - 2 skipped
C:\WINDOWS\pf78.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\WINDOWS\pf78.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe NSIS: infected - 4 skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0008 Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe/stream Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe NSIS: infected - 5 skipped
C:\WINDOWS\system32\jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\WINDOWS\temp\bw2.com Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\WPRE.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\WINDOWS\WPRE.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\WINDOWS\WPRE.exe NSIS: infected - 2 skipped
C:\WINDOWS\YOINSI.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\WINDOWS\YOINSI.exe NSIS: infected - 1 skipped

Scan process completed.
. . .
. . .
. . .
and thehackthis:

Logfile of HijackThis v1.99.1
Scan saved at 2:23:31 PM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\NI.USYP_0001_N7 6M2004\setup.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [NI.USYP_0001_N76M2004] "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M2004NetInstaller.ex e" -nag
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\l02slaf71d2.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 06-05-2006, 09:43 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
And now the very last updated hackthis log file. . . so now the i can ask where do i go from here? can you help this computer out or is it already to far beyond repair?.:

Logfile of HijackThis v1.99.1
Scan saved at 2:33:21 PM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\l02slaf71d2.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

Thank you very much for viewing and taking the time to read this because i know it can get cumbersome and confusing with all of the log files, to me anyways. Thank you again and have a beautiful day to all.

Please let me know exactly what i should do as if i was starting all over again and didn't know how to use any of the programs so that i don't forget to turn certain things off or something small like that. Thank you once again.
Last edited by Lloyd; 06-05-2006 at 09:46 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 06-05-2006, 10:00 PM
VopThis's Avatar
Senior Member (Canada)
  
Join Date: Nov 2005
Posts: 3,439
VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Looks fixable - it will take at least three (3) tools and possibly several other steps.







Please download the latest version of Look2Me-Remover.exe to your desktop.
http://www.atribune.org/ccount/click.php?id=7

* Close all windows before continuing.
* Double-click Look2Me-Remover.exe to run it.
* Put a check next to Run this program as a task.
* You will receive a message saying Look2Me-Remover will close and re-open in approximately 10 seconds. Click OK
* When Look2Me-Remover re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
* Once it's done scanning, click the Remove L2M button.
* You will receive a Done Scanning message, click OK.
* When completed, you will receive this message: Done removing infected files! Look2Me-Remover will now shutdown your computer, click OK.
* Your computer will then shutdown.
* Turn your computer back on.
* Please post the contents of C:\Look2Me-Remover.txt.

If you receive a message from your firewall about this program accessing the Internet please allow it.



If you receive a runtime error '339' please download MSWINSCK.OCX from the link below and place it in your C:\Windows\System32 Directory.
http://www.ascentive.com/support/new...b/MSWINSCK.OCX






NEXT:

Please download VundoFix.exe to your desktop.

http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to run it.

Click the Scan for Vundo button.

Once it's done scanning, click the Remove Vundo button.

You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.

Please post the contents of C:\vundofix.txt and a new HiJackThis log.
__________________
Vincent P

MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis LOG __V2.0.2 _|

__
ASAP: promoting a high standard and quality of security support no matter where you seek help.

Quote:
SAFER SURFING TOOLS (IE/FF **FREE** browser addons):
Linkscanner + WOT (Web of Trust) + SiteAdvisor (suggest at least two but not necessarily all)
Quote:
Tell me and I forget; show me and I remember; involve me and I understand.
There are no foolish questions, the only thing foolish is not asking if you're unsure of something.
Never ASSUME any detail because it can make an ASS out of U and ME... (ASS/U/ME ).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 06-05-2006, 10:48 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Ok reading now will do. And will post results in a few.
Thanx again for being so efficient and timely.
Thank you. have a good break or rest. . .
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 06-05-2006, 11:49 PM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Ok here we go,
The Vundo then the hijack. . .:


VundoFix V4.2.73

Running as SYSTEM
from c:\windows\system32\VundoFix.exe

Checking Java version...

Java version is 1.5.0.6

Scan started at 6:17:11 PM 5/6/2006

Listing files found while scanning....

C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\fhhkj.bak2
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\fhhkj.tmp

C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\fhhkj.bak2
C:\WINDOWS\system32\fhhkj.tmp
C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\fhhkj.bak2
C:\WINDOWS\system32\fhhkj.tmp
C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\jkhhf.dll
Attempting to delete C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\system32\jkhhf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\fhhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhhkj.bak2
C:\WINDOWS\system32\fhhkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\fhhkj.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhhkj.tmp
C:\WINDOWS\system32\fhhkj.tmp Has been deleted!

Performing Repairs to the registry.
Done!
...
. . .
...
Logfile of HijackThis v1.99.1
Scan saved at 6:19:01 PM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Movie Maker\WMM2FILT.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe


didn't know if you wanted me to select run as task for the vundo as well but i did so let me know if that would've effected the results and i'll do it again without the run as task checked off. but it seems like all went fine.
I had opened the task manager at the start up to see if any familiar virus files were loading up and there was one thing in there(dunno if it is a virus) that i was looking at and wondered what it was, called "userinit.exe" or something similar, it dissappears shortly after. but i was wondering what it was because when the computer was acting up before i would open the task at the startup and end process on that file and the popups for sysprotection thing that installs itself wouldn't come up or at least it would delay it from coming up at the startup as it was. but when i was looking just now, i still saw that file but there was no sysprotect popup virus that came on this time yet . . . But i was just wondering what that was and how it was not letting the virus come up when i ended its process before, but its still in the task manager now, making me think that that has nothing to do with the viruses at all. Anyway if you know what that is. . . I dont know. . .


But the computer seems to be running fine for now. . . no pop-ups have come up or any self installing system protections or anything ill put in a quick post if it does.

Thank you again for all of your wonderful help.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 07-05-2006, 02:29 AM
VopThis's Avatar
Senior Member (Canada)
  
Join Date: Nov 2005
Posts: 3,439
VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
1. Ewido already downloaded.


2. Please download Brute Force Uninstaller to your desktop.
  • Right click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to,
  • Click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C or whatever your primary drive is
  • Click "Make New Folder"
  • Type in BFU
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".

3. RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

Do not do anything with these yet!

Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.

4. Once in Safe Mode, Open Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.

5. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
  • Start the Brute Force Uninstaller by doubleclicking BFU.exe
  • In the scriptline to execute field type or paste c:\bfu\alcanshorty.bfu
  • Press Execute and let it do it’s job. (You ought to see a progress bar if you did this correctly.)
  • Wait for the complete script execution box to pop up and press OK.
  • Press exit to terminate the BFU program.

Reboot into normal windows and post the contents of Ewido text report that you saved and a new HiJackThis log (after items below).




Fix the following item in HijackThis, if still present:

O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll



Delete FILE in SAFE MODE, if necessary:

C:\Program Files\System Files\plugin.dll
__________________
Vincent P

MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis LOG __V2.0.2 _|

__
ASAP: promoting a high standard and quality of security support no matter where you seek help.

Quote:
SAFER SURFING TOOLS (IE/FF **FREE** browser addons):
Linkscanner + WOT (Web of Trust) + SiteAdvisor (suggest at least two but not necessarily all)
Quote:
Tell me and I forget; show me and I remember; involve me and I understand.
There are no foolish questions, the only thing foolish is not asking if you're unsure of something.
Never ASSUME any detail because it can make an ASS out of U and ME... (ASS/U/ME ).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 07-05-2006, 04:02 AM
Lloyd's Avatar
Junior Member
New Recruit
  
Join Date: Apr 2006
Posts: 44
Lloyd Is a beginner here at D-A-L
Re: HelpPlease!!!Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on!
Ok will do. Thanx.
There hasn't been any popups and i've been sitting online for like 45min. but there was one thing that i also noticed but im not gona try doing it until right now actually, so that if it is a virus i can run these programs. but it was that i couldnt add/remove (uninstal) a program called "DH" it was just freezing up the computer. but i didn't know if it was a virus or a corrupted program. BUt im gonna try to do that now then i'll let you know what happened , then i'll run the ewido and BFU.

Thanx again
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 3 1 23

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Resolved]Pls help me with this hijackthis log (adware generic 4 problem) ganghao Spyware, Adware, Viruses and HijackThis Logs 11 19-05-2009 07:00 AM
hijack log / generic downloader.x problem peeeet Spyware, Adware, Viruses and HijackThis Logs 5 02-03-2009 10:01 PM
HELP!! My Pc is infected w/ adlogix browser hijacker(RESOLVED) stussyboy99 Spyware, Adware, Viruses and HijackThis Logs 27 12-06-2006 10:20 PM
Help remove Adlogix--My Hijack this Log thonee Spyware, Adware, Viruses and HijackThis Logs 7 16-05-2005 04:40 PM
Can't get rid of Adlogix Broweser Hijacker - Hijack This Log oscara Spyware, Adware, Viruses and HijackThis Logs 1 24-03-2005 04:21 PM


All times are GMT +1. The time now is 02:35 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav