Viruses, Spyware and other Nasties RSS Viruses, Spyware and other Nasties RSS

inet20099 Problem - Fixed, THANKS

Reply

Join Date: Jan 2006
Posts: 3
Reputation: Dwy3r688 is an unknown quantity at this point 
Solved Threads: 0
Dwy3r688 Dwy3r688 is offline Offline
Newbie Poster

inet20099 Problem - Fixed, THANKS

 
0
  #1
Feb 4th, 2006
the inet 20099 problem i have has been fixed, thank you to whoever helped me out. Turns out i had about 40 different trojans and worms (check out the ewido logs, its almost scary)

Here is my new HJT:

Logfile of HijackThis v1.99.1
Scan saved at 1:54:48 PM, on 2/4/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1127848208\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1127848208\ee\AOLServiceHost.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\wuauclt.exe
c:\program files\common files\aol\1127848208\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1127848208\ee\AOLServiceHost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Spyware Tools\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\conmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127848208\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/en...ach_core_1.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdq/downloads/sysinfo.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdq/downloads/msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{793B2A71-4B5E-4238-B190-2E659995CB23}: NameServer = 205.188.146.145
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\aol\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Here is my spy sweeper log:
********
11:51 AM: | Start of Session, Saturday, February 04, 2006 |
11:51 AM: Spy Sweeper started
11:51 AM: Sweep initiated using definitions version 611
11:52 AM: Starting Memory Sweep
11:53 AM: Memory Sweep Complete, Elapsed Time: 00:01:29
11:53 AM: Starting Registry Sweep
11:53 AM: Found Adware: blazefind
11:53 AM: HKLM\software\microsoft\windows\ || infamous (ID = 104517)
11:53 AM: Found Adware: purityscan
11:53 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\mediaticketsinstaller.ocx (ID = 139077)
11:53 AM: Found Adware: screensavers
11:53 AM: HKCR\clsid\{722d2939-a14a-41a9-9eac-ab8f4e295819}\ (14 subtraces) (ID = 140550)
11:53 AM: HKCR\clsid\{88d758a3-d33b-45fd-91e3-67749b4057fa}\ (14 subtraces) (ID = 140551)
11:53 AM: HKCR\interface\{760aca60-79c3-4875-9d19-b14a5b3fea77}\ (8 subtraces) (ID = 140552)
11:53 AM: HKCR\interface\{883ea659-ed80-46f9-9ed2-83327f67789f}\ (8 subtraces) (ID = 140553)
11:53 AM: HKCR\interface\{b64c73d7-459e-4816-91f9-1348f8e36984}\ (8 subtraces) (ID = 140554)
11:53 AM: HKLM\software\classes\clsid\{722d2939-a14a-41a9-9eac-ab8f4e295819}\ (14 subtraces) (ID = 140555)
11:53 AM: HKLM\software\classes\clsid\{88d758a3-d33b-45fd-91e3-67749b4057fa}\ (14 subtraces) (ID = 140556)
11:53 AM: HKLM\software\classes\interface\{760aca60-79c3-4875-9d19-b14a5b3fea77}\ (8 subtraces) (ID = 140557)
11:53 AM: HKLM\software\classes\interface\{883ea659-ed80-46f9-9ed2-83327f67789f}\ (8 subtraces) (ID = 140558)
11:53 AM: HKLM\software\classes\interface\{b64c73d7-459e-4816-91f9-1348f8e36984}\ (8 subtraces) (ID = 140559)
11:53 AM: HKLM\software\classes\screensaversinstaller.installer.1\ (3 subtraces) (ID = 140560)
11:53 AM: HKLM\software\classes\screensaversinstaller.installer\ (5 subtraces) (ID = 140561)
11:53 AM: HKLM\software\classes\screensaversinstaller.sinstaller.1\ (3 subtraces) (ID = 140562)
11:53 AM: HKLM\software\classes\screensaversinstaller.sinstaller.1\clsid\ (1 subtraces) (ID = 140563)
11:53 AM: HKLM\software\classes\screensaversinstaller.sinstaller\ (5 subtraces) (ID = 140564)
11:53 AM: HKLM\software\classes\typelib\{0ab5b0d8-2b74-4c1c-8fa4-e52550b8b45b}\ (9 subtraces) (ID = 140565)
11:53 AM: HKLM\software\screensavers.com\ (14 subtraces) (ID = 140569)
11:53 AM: HKCR\screensaversinstaller.installer.1\ (3 subtraces) (ID = 140570)
11:53 AM: HKCR\screensaversinstaller.installer\ (5 subtraces) (ID = 140571)
11:53 AM: HKCR\screensaversinstaller.sinstaller.1\ (3 subtraces) (ID = 140572)
11:53 AM: HKCR\screensaversinstaller.sinstaller.1\clsid\ (1 subtraces) (ID = 140573)
11:53 AM: HKCR\screensaversinstaller.sinstaller\ (5 subtraces) (ID = 140574)
11:53 AM: HKCR\typelib\{0ab5b0d8-2b74-4c1c-8fa4-e52550b8b45b}\ (9 subtraces) (ID = 140575)
11:53 AM: Found Adware: websearch toolbar
11:53 AM: HKLM\software\microsoft\windows\currentversion\uninstall\wintools_esies\ (4 subtraces) (ID = 146511)
11:53 AM: HKLM\system\currentcontrolset\enum\root\legacy_wintoolssvc\ (8 subtraces) (ID = 146518)
11:53 AM: Found Adware: winad
11:53 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/adtoolsx.dll\ (2 subtraces) (ID = 147188)
11:53 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\adtoolsx.dll (ID = 147215)
11:53 AM: Found Adware: coolwebsearch (cws)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\keywords\ (16 subtraces) (ID = 109820)
11:53 AM: Found Adware: drsnsrch.com hijack
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\searchurl\ (ID = 128212)
11:53 AM: Found Adware: tvmedia
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\toolbar\shellbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146462)
11:53 AM: Found Adware: wildmedia
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\main\ || updater (ID = 146721)
11:53 AM: Found Adware: highdialer hijack
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\main\ || search page (ID = 1057098)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\main\ || local page (ID = 1057450)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\internet explorer\main\ || search bar (ID = 1058638)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1011\software\microsoft\windows nt\currentversion\windows\ || run (ID = 1062376)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\searchurl\ (ID = 128212)
11:53 AM: Found Adware: searchtoolbar
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\{12ee7a5e-0674-42f9-a76b-000000004d00}\ (ID = 141347)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
11:53 AM: Found Adware: twain-tech
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\mxtarget\ (6 subtraces) (ID = 145343)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\toolbar\shellbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146462)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\main\ || updater (ID = 146721)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\main\ || search page (ID = 1057098)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\main\ || local page (ID = 1057450)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\internet explorer\main\ || search bar (ID = 1058638)
11:53 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1010\software\microsoft\windows nt\currentversion\windows\ || run (ID = 1062376)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\sites\ (2 subtraces) (ID = 109822)
11:54 AM: Found Adware: cws_xplugin
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || sethp (ID = 124467)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\toolbar\shellbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146462)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || updater (ID = 146721)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || search page (ID = 1057098)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || local page (ID = 1057450)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\internet explorer\main\ || search bar (ID = 1058638)
11:54 AM: HKU\S-1-5-21-3977429315-1877297475-578083254-1009\software\microsoft\windows nt\currentversion\windows\ || run (ID = 1062376)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\keywords\ (16 subtraces) (ID = 109820)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\searchurl\ (ID = 128212)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\{12ee7a5e-0674-42f9-a76b-000000004d00}\ (3 subtraces) (ID = 141347)
11:54 AM: Found Adware: targetsaver
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\tsa\ (8 subtraces) (ID = 143614)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\mxtarget\ (29 subtraces) (ID = 145343)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\toolbar\shellbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146462)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || updater (ID = 146721)
11:54 AM: Found Adware: sidesearch
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\searchurl\ || provider (ID = 826438)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || search page (ID = 1057098)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || local page (ID = 1057450)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || start page (ID = 1057451)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\internet explorer\main\ || search bar (ID = 1058638)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1008\software\microsoft\windows nt\currentversion\windows\ || run (ID = 1062376)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1007\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1007\software\microsoft\internet explorer\main\ || updater (ID = 146721)
11:54 AM: HKU\WRSS_Profile_S-1-5-21-3977429315-1877297475-578083254-1007\software\microsoft\internet explorer\extensions\cmdmapping\ || {000007c6-17df-4438-92a4-de5537471ba3} (ID = 530423)
11:54 AM: Registry Sweep Complete, Elapsed Time:00:00:43
11:54 AM: Starting Cookie Sweep
11:54 AM: Found Spy Cookie: 2o7.net cookie
11:54 AM: peter f. dwyer@2o7[1].txt (ID = 1957)
11:54 AM: Found Spy Cookie: 888 cookie
11:54 AM: peter f. dwyer@888[1].txt (ID = 2019)
11:54 AM: Found Spy Cookie: websponsors cookie
11:54 AM: peter f. dwyer@a.websponsors[1].txt (ID = 3665)
11:54 AM: Found Spy Cookie: go.com cookie
11:54 AM: peter f. dwyer@abclocal.go[1].txt (ID = 2729)
11:54 AM: peter f. dwyer@abcnews.go[1].txt (ID = 2729)
11:54 AM: Found Spy Cookie: yieldmanager cookie
11:54 AM: peter f. dwyer@ad.yieldmanager[2].txt (ID = 3751)
11:54 AM: Found Spy Cookie: adecn cookie
11:54 AM: peter f. dwyer@adecn[2].txt (ID = 2063)
11:54 AM: Found Spy Cookie: adlegend cookie
11:54 AM: peter f. dwyer@adlegend[1].txt (ID = 2074)
11:54 AM: Found Spy Cookie: hbmediapro cookie
11:54 AM: peter f. dwyer@adopt.hbmediapro[2].txt (ID = 2768)
11:54 AM: Found Spy Cookie: precisead cookie
11:54 AM: peter f. dwyer@adopt.precisead[2].txt (ID = 3182)
11:54 AM: Found Spy Cookie: specificclick.com cookie
11:54 AM: peter f. dwyer@adopt.specificclick[1].txt (ID = 3400)
11:54 AM: Found Spy Cookie: adrevolver cookie
11:54 AM: peter f. dwyer@adrevolver[1].txt (ID = 2088)
11:54 AM: Found Spy Cookie: addynamix cookie
11:54 AM: peter f. dwyer@ads.addynamix[1].txt (ID = 2062)
11:54 AM: Found Spy Cookie: ads.businessweek cookie
11:54 AM: peter f. dwyer@ads.businessweek[1].txt (ID = 2113)
11:54 AM: Found Spy Cookie: enliven cookie
11:54 AM: peter f. dwyer@ads.enliven[1].txt (ID = 2615)
11:54 AM: Found Spy Cookie: pointroll cookie
11:54 AM: peter f. dwyer@ads.pointroll[2].txt (ID = 3148)
11:54 AM: peter f. dwyer@ads.specificclick[1].txt (ID = 3400)
11:54 AM: Found Spy Cookie: x10 cookie
11:54 AM: peter f. dwyer@ads.x10[1].txt (ID = 3712)
11:54 AM: Found Spy Cookie: bpath cookie
11:54 AM: peter f. dwyer@ads18.bpath[1].txt (ID = 2321)
11:54 AM: Found Spy Cookie: adserver.trb cookie
11:54 AM: peter f. dwyer@adserver.trb[2].txt (ID = 2147)
11:54 AM: Found Spy Cookie: advertising cookie
11:54 AM: peter f. dwyer@advertising[1].txt (ID = 2175)
11:54 AM: Found Spy Cookie: apmebf cookie
11:54 AM: peter f. dwyer@apmebf[2].txt (ID = 2229)
11:54 AM: Found Spy Cookie: about cookie
11:54 AM: peter f. dwyer@arthritis.about[1].txt (ID = 2038)
11:54 AM: Found Spy Cookie: falkag cookie
11:54 AM: peter f. dwyer@as-eu.falkag[2].txt (ID = 2650)
11:54 AM: peter f. dwyer@as1.falkag[2].txt (ID = 2650)
11:54 AM: Found Spy Cookie: ask cookie
11:54 AM: peter f. dwyer@ask[1].txt (ID = 2245)
11:54 AM: Found Spy Cookie: atlas dmt cookie
11:54 AM: peter f. dwyer@atdmt[2].txt (ID = 2253)
11:54 AM: Found Spy Cookie: belnk cookie
11:54 AM: peter f. dwyer@ath.belnk[2].txt (ID = 2293)
11:54 AM: Found Spy Cookie: atwola cookie
11:54 AM: peter f. dwyer@atwola[1].txt (ID = 2255)
11:54 AM: peter f. dwyer@autorepair.about[1].txt (ID = 2038)
11:54 AM: Found Spy Cookie: azjmp cookie
11:54 AM: peter f. dwyer@azjmp[1].txt (ID = 2270)
11:54 AM: peter f. dwyer@belnk[1].txt (ID = 2292)
11:54 AM: Found Spy Cookie: bizrate cookie
11:54 AM: peter f. dwyer@bizrate[1].txt (ID = 2308)
11:54 AM: peter f. dwyer@c.as-us.falkag[2].txt (ID = 2650)
11:54 AM: Found Spy Cookie: gostats cookie
11:54 AM: peter f. dwyer@c2.gostats[1].txt (ID = 2748)
11:54 AM: Found Spy Cookie: callwave cookie
11:54 AM: peter f. dwyer@callwave[2].txt (ID = 2342)
11:54 AM: Found Spy Cookie: centralmedia cookie
11:54 AM: peter f. dwyer@centralmedia[1].txt (ID = 2373)
11:54 AM: Found Spy Cookie: centrport net cookie
11:54 AM: peter f. dwyer@centrport[1].txt (ID = 2374)
11:54 AM: Found Spy Cookie: classmates cookie
11:54 AM: peter f. dwyer@classmates[1].txt (ID = 2384)
11:54 AM: Found Spy Cookie: tickle cookie
11:54 AM: peter f. dwyer@cookie.tickle[1].txt (ID = 3530)
11:54 AM: Found Spy Cookie: hitslink cookie
11:54 AM: peter f. dwyer@counter.hitslink[2].txt (ID = 2790)
11:54 AM: peter f. dwyer@counter2.hitslink[2].txt (ID = 2790)
11:54 AM: peter f. dwyer@cruises.about[1].txt (ID = 2038)
11:54 AM: Found Spy Cookie: 360i cookie
11:54 AM: peter f. dwyer@ct.360i[2].txt (ID = 1962)
11:54 AM: Found Spy Cookie: overture cookie
11:54 AM: peter f. dwyer@data3.perf.overture[2].txt (ID = 3106)
11:54 AM: Found Spy Cookie: did-it cookie
11:54 AM: peter f. dwyer@did-it[2].txt (ID = 2523)
11:54 AM: peter f. dwyer@dist.belnk[1].txt (ID = 2293)
11:54 AM: Found Spy Cookie: 180solutions cookie
11:54 AM: peter f. dwyer@downloads.180solutions[1].txt (ID = 1934)
11:54 AM: Found Spy Cookie: emode cookie
11:54 AM: peter f. dwyer@emode[1].txt (ID = 2603)
11:54 AM: peter f. dwyer@entrepreneur.122.2o7[1].txt (ID = 1958)
11:54 AM: peter f. dwyer@espn.go[1].txt (ID = 2729)
11:54 AM: peter f. dwyer@espnradio.espn.go[2].txt (ID = 2729)
11:54 AM: Found Spy Cookie: exitexchange cookie
11:54 AM: peter f. dwyer@exitexchange[2].txt (ID = 2633)
11:54 AM: Found Spy Cookie: findwhat cookie
11:54 AM: peter f. dwyer@findwhat[1].txt (ID = 2674)
11:54 AM: Found Spy Cookie: gator cookie
11:54 AM: peter f. dwyer@gator[1].txt (ID = 2722)
11:54 AM: peter f. dwyer@go[1].txt (ID = 2728)
11:54 AM: Found Spy Cookie: clickandtrack cookie
11:54 AM: peter f. dwyer@hits.clickandtrack[1].txt (ID = 2397)
11:54 AM: Found Spy Cookie: homestore cookie
11:54 AM: peter f. dwyer@homestore[1].txt (ID = 2793)
11:54 AM: peter f. dwyer@houseandhome.aol.homestore[1].txt (ID = 2794)
11:54 AM: Found Spy Cookie: screensavers.com cookie
11:54 AM: peter f. dwyer@i.screensavers[2].txt (ID = 3298)
11:54 AM: Found Spy Cookie: ic-live cookie
11:54 AM: peter f. dwyer@ic-live[1].txt (ID = 2821)
11:54 AM: Found Spy Cookie: infospace cookie
11:54 AM: peter f. dwyer@infospace[2].txt (ID = 2865)
11:54 AM: peter f. dwyer@installs.180solutions[1].txt (ID = 1934)
11:54 AM: Found Spy Cookie: sb01 cookie
11:54 AM: peter f. dwyer@jp1.sb01[1].txt (ID = 3288)
11:54 AM: Found Spy Cookie: kount cookie
11:54 AM: peter f. dwyer@kount[2].txt (ID = 2911)
11:54 AM: Found Spy Cookie: l2m.net cookie
11:54 AM: peter f. dwyer@l2m[1].txt (ID = 2913)
11:54 AM: Found Spy Cookie: netster cookie
11:54 AM: peter f. dwyer@lb1.netster[1].txt (ID = 3072)
11:54 AM: Found Spy Cookie: directtrack cookie
11:54 AM: peter f. dwyer@lendinghope.directtrack[1].txt (ID = 2528)
11:54 AM: peter f. dwyer@marketworksinc.122.2o7[1].txt (ID = 1958)
11:54 AM: Found Spy Cookie: fastclick cookie
11:54 AM: peter f. dwyer@media.fastclick[1].txt (ID = 2652)
11:54 AM: Found Spy Cookie: mediaplex cookie
11:54 AM: peter f. dwyer@mediaplex[1].txt (ID = 6442)
11:54 AM: Found Spy Cookie: metareward.com cookie
11:54 AM: peter f. dwyer@metareward[1].txt (ID = 2990)
11:54 AM: Found Spy Cookie: monstermarketplace cookie
11:54 AM: peter f. dwyer@monstermarketplace[2].txt (ID = 3006)
11:54 AM: Found Spy Cookie: qsrch cookie
11:54 AM: peter f. dwyer@newnet.qsrch[2].txt (ID = 3216)
11:54 AM: Found Spy Cookie: nextag cookie
11:54 AM: peter f. dwyer@nextag[1].txt (ID = 5014)
11:54 AM: Found Spy Cookie: netratingsselect cookie
11:54 AM: peter f. dwyer@nnselect[2].txt (ID = 3065)
11:54 AM: Found Spy Cookie: offeroptimizer cookie
11:54 AM: peter f. dwyer@offeroptimizer[2].txt (ID = 3087)
11:54 AM: Found Spy Cookie: one-time-offer cookie
11:54 AM: peter f. dwyer@one-time-offer[2].txt (ID = 3095)
11:54 AM: peter f. dwyer@orthopedics.about[1].txt (ID = 2038)
11:54 AM: peter f. dwyer@overture[2].txt (ID = 3105)
11:54 AM: peter f. dwyer@partygaming.122.2o7[1].txt (ID = 1958)
11:54 AM: Found Spy Cookie: touchclarity cookie
11:54 AM: peter f. dwyer@partypoker.touchclarity[1].txt (ID = 3567)
11:54 AM: Found Spy Cookie: partypoker cookie
11:54 AM: peter f. dwyer@partypoker[1].txt (ID = 3111)
11:54 AM: peter f. dwyer@perf.overture[1].txt (ID = 3106)
11:54 AM: peter f. dwyer@pointroll[1].txt (ID = 3147)
11:54 AM: Found Spy Cookie: popups.infostart cookie
11:54 AM: peter f. dwyer@popups.infostart[1].txt (ID = 3159)
11:54 AM: Found Spy Cookie: pro-market cookie
11:54 AM: peter f. dwyer@pro-market[2].txt (ID = 3197)
11:54 AM: Found Spy Cookie: reunion cookie
11:54 AM: peter f. dwyer@reunion[1].txt (ID = 3255)
11:54 AM: Found Spy Cookie: revenue.net cookie
11:54 AM: peter f. dwyer@revenue[2].txt (ID = 3257)
11:54 AM: Found Spy Cookie: rightmedia cookie
11:54 AM: peter f. dwyer@rightmedia[1].txt (ID = 3259)
11:54 AM: Found Spy Cookie: rn11 cookie
11:54 AM: peter f. dwyer@rn11[2].txt (ID = 3261)
11:54 AM: peter f. dwyer@rsi.abcnews.go[1].txt (ID = 2729)
11:54 AM: peter f. dwyer@rsi.espn.go[1].txt (ID = 2729)
11:54 AM: Found Spy Cookie: server.iad.liveperson cookie
11:54 AM: peter f. dwyer@server.iad.liveperson[2].txt (ID = 3341)
11:54 AM: Found Spy Cookie: specificpop cookie
11:54 AM: peter f. dwyer@specificpop[2].txt (ID = 3401)
11:54 AM: peter f. dwyer@sports.espn.go[1].txt (ID = 2729)
11:54 AM: Found Spy Cookie: spylog cookie
11:54 AM: peter f. dwyer@spylog[1].txt (ID = 3415)
11:54 AM: Found Spy Cookie: spywarestormer cookie
11:54 AM: peter f. dwyer@spywarestormer[1].txt (ID = 3417)
11:54 AM: Found Spy Cookie: st.sageanalyst cookie
11:54 AM: peter f. dwyer@st.sageanalyst[1].txt (ID = 3436)
11:54 AM: Found Spy Cookie: clicktracks cookie
11:54 AM: peter f. dwyer@stats2.clicktracks[1].txt (ID = 2407)
11:54 AM: peter f. dwyer@support.tickle[1].txt (ID = 3530)
11:54 AM: Found Spy Cookie: tacoda cookie
11:54 AM: peter f. dwyer@tacoda[1].txt (ID = 6444)
11:54 AM: peter f. dwyer@tickle[1].txt (ID = 3529)
11:54 AM: Found Spy Cookie: toplist cookie
11:54 AM: peter f. dwyer@toplist[1].txt (ID = 3557)
11:54 AM: Found Spy Cookie: coremetrics cookie
11:54 AM: peter f. dwyer@twci.coremetrics[1].txt (ID = 2472)
11:54 AM: peter f. dwyer@usmilitary.about[2].txt (ID = 2038)
11:54 AM: Found Spy Cookie: valuead cookie
11:54 AM: peter f. dwyer@valuead[2].txt (ID = 3626)
11:54 AM: Found Spy Cookie: realtracker cookie
11:54 AM: peter f. dwyer@web4.realtracker[1].txt (ID = 3242)
11:54 AM: Found Spy Cookie: clickxchange adware cookie
11:54 AM: peter f. dwyer@www.clickxchange[1].txt (ID = 2409)
11:54 AM: peter f. dwyer@www.homestore[1].txt (ID = 2794)
11:54 AM: Found Spy Cookie: maximumcash cookie
11:54 AM: peter f. dwyer@www.maximumcash[1].txt (ID = 2962)
11:54 AM: Found Spy Cookie: myaffiliateprogram.com cookie
11:54 AM: peter f. dwyer@www.myaffiliateprogram[2].txt (ID = 3032)
11:54 AM: Found Spy Cookie: rednova cookie
11:54 AM: peter f. dwyer@www.rednova[2].txt (ID = 3246)
11:54 AM: Found Spy Cookie: redzip cookie
11:54 AM: peter f. dwyer@www.redzip[2].txt (ID = 3250)
11:54 AM: peter f. dwyer@www.screensavers[1].txt (ID = 3298)
11:54 AM: Found Spy Cookie: toprebates.com cookie
11:54 AM: peter f. dwyer@www.toprebates[2].txt (ID = 3562)
11:54 AM: Found Spy Cookie: upspiral cookie
11:54 AM: peter f. dwyer@www.upspiral[2].txt (ID = 3615)
11:54 AM: Found Spy Cookie: xzoomy cookie
11:54 AM: peter f. dwyer@www.xzoomy[1].txt (ID = 3742)
11:54 AM: peter f. dwyer@x10[1].txt (ID = 3711)
11:54 AM: Found Spy Cookie: xiti cookie
11:54 AM: peter f. dwyer@xiti[1].txt (ID = 3717)
11:54 AM: peter f. dwyer@yieldmanager[2].txt (ID = 3749)
11:54 AM: peter f. dwyer@ypng.infospace[1].txt (ID = 2866)
11:54 AM: Found Spy Cookie: zedo cookie
11:54 AM: peter f. dwyer@zedo[1].txt (ID = 3762)
11:54 AM: Cookie Sweep Complete, Elapsed Time: 00:00:16
11:54 AM: Starting File Sweep
11:55 AM: c:\program files\screensavers.com (8 subtraces) (ID = -2147480365)
11:58 AM: preinstt.exe (ID = 81866)
11:58 AM: polmx.cab (ID = 81854)
11:58 AM: polall1m.exe (ID = 81852)
12:00 PM: Found Adware: ieplugin
12:00 PM: kwv2.dat (ID = 63355)
12:02 PM: shex.exe (ID = 94438)
12:04 PM: tvm.upd (ID = 81654)
12:06 PM: swpstart.exe (ID = 74759)
12:06 PM: key2.txt (ID = 51468)
12:06 PM: twaintec.cab (ID = 81875)
12:08 PM: tsinstall_4_0_3_7.exe (ID = 78266)
12:08 PM: tsinstall_4_0_3_6.exe (ID = 78264)
12:10 PM: lycos sidesearch.lnk (ID = 76058)
12:12 PM: tvmuknwrd.dll (ID = 81759)
12:12 PM: zwipvbh.wzg (ID = 87862)
12:12 PM: polmx.inf (ID = 81856)
12:12 PM: twaintec.inf (ID = 81889)
12:12 PM: twaintec.inf (ID = 81889)
12:12 PM: Warning: Unhandled Archive Type
12:12 PM: Warning: Unhandled Archive Type
12:13 PM: Warning: Unhandled Archive Type
12:13 PM: File Sweep Complete, Elapsed Time: 00:18:50
12:13 PM: Full Sweep has completed. Elapsed time 00:21:43
12:13 PM: Traces Found: 490
12:15 PM: Removal process initiated
12:15 PM: Quarantining All Traces: purityscan
12:15 PM: Quarantining All Traces: websearch toolbar
12:15 PM: Quarantining All Traces: wildmedia
12:15 PM: Quarantining All Traces: blazefind
12:15 PM: Quarantining All Traces: coolwebsearch (cws)
12:15 PM: Quarantining All Traces: sidesearch
12:15 PM: Quarantining All Traces: winad
12:15 PM: Quarantining All Traces: cws_xplugin
12:15 PM: Quarantining All Traces: drsnsrch.com hijack
12:15 PM: Quarantining All Traces: highdialer hijack
12:15 PM: Quarantining All Traces: ieplugin
12:15 PM: Quarantining All Traces: screensavers
12:15 PM: Quarantining All Traces: searchtoolbar
12:15 PM: Quarantining All Traces: targetsaver
12:15 PM: Quarantining All Traces: tvmedia
12:15 PM: Quarantining All Traces: twain-tech
12:15 PM: Quarantining All Traces: 180solutions cookie
12:15 PM: Quarantining All Traces: 2o7.net cookie
12:15 PM: Quarantining All Traces: 360i cookie
12:15 PM: Quarantining All Traces: 888 cookie
12:15 PM: Quarantining All Traces: about cookie
12:15 PM: Quarantining All Traces: addynamix cookie
12:15 PM: Quarantining All Traces: adecn cookie
12:15 PM: Quarantining All Traces: adlegend cookie
12:15 PM: Quarantining All Traces: adrevolver cookie
12:15 PM: Quarantining All Traces: ads.businessweek cookie
12:15 PM: Quarantining All Traces: adserver.trb cookie
12:15 PM: Quarantining All Traces: advertising cookie
12:15 PM: Quarantining All Traces: apmebf cookie
12:15 PM: Quarantining All Traces: ask cookie
12:15 PM: Quarantining All Traces: atlas dmt cookie
12:15 PM: Quarantining All Traces: atwola cookie
12:15 PM: Quarantining All Traces: azjmp cookie
12:15 PM: Quarantining All Traces: belnk cookie
12:15 PM: Quarantining All Traces: bizrate cookie
12:15 PM: Quarantining All Traces: bpath cookie
12:15 PM: Quarantining All Traces: callwave cookie
12:15 PM: Quarantining All Traces: centralmedia cookie
12:15 PM: Quarantining All Traces: centrport net cookie
12:15 PM: Quarantining All Traces: classmates cookie
12:15 PM: Quarantining All Traces: clickandtrack cookie
12:15 PM: Quarantining All Traces: clicktracks cookie
12:15 PM: Quarantining All Traces: clickxchange adware cookie
12:15 PM: Quarantining All Traces: coremetrics cookie
12:15 PM: Quarantining All Traces: did-it cookie
12:15 PM: Quarantining All Traces: directtrack cookie
12:15 PM: Quarantining All Traces: emode cookie
12:15 PM: Quarantining All Traces: enliven cookie
12:15 PM: Quarantining All Traces: exitexchange cookie
12:15 PM: Quarantining All Traces: falkag cookie
12:15 PM: Quarantining All Traces: fastclick cookie
12:15 PM: Quarantining All Traces: findwhat cookie
12:15 PM: Quarantining All Traces: gator cookie
12:15 PM: Quarantining All Traces: go.com cookie
12:15 PM: Quarantining All Traces: gostats cookie
12:15 PM: Quarantining All Traces: hbmediapro cookie
12:15 PM: Quarantining All Traces: hitslink cookie
12:15 PM: Quarantining All Traces: homestore cookie
12:15 PM: Quarantining All Traces: ic-live cookie
12:15 PM: Quarantining All Traces: infospace cookie
12:15 PM: Quarantining All Traces: kount cookie
12:15 PM: Quarantining All Traces: l2m.net cookie
12:15 PM: Quarantining All Traces: maximumcash cookie
12:15 PM: Quarantining All Traces: mediaplex cookie
12:15 PM: Quarantining All Traces: metareward.com cookie
12:15 PM: Quarantining All Traces: monstermarketplace cookie
12:15 PM: Quarantining All Traces: myaffiliateprogram.com cookie
12:15 PM: Quarantining All Traces: netratingsselect cookie
12:15 PM: Quarantining All Traces: netster cookie
12:15 PM: Quarantining All Traces: nextag cookie
12:15 PM: Quarantining All Traces: offeroptimizer cookie
12:15 PM: Quarantining All Traces: one-time-offer cookie
12:15 PM: Quarantining All Traces: overture cookie
12:15 PM: Quarantining All Traces: partypoker cookie
12:15 PM: Quarantining All Traces: pointroll cookie
12:15 PM: Quarantining All Traces: popups.infostart cookie
12:15 PM: Quarantining All Traces: precisead cookie
12:15 PM: Quarantining All Traces: pro-market cookie
12:15 PM: Quarantining All Traces: qsrch cookie
12:15 PM: Quarantining All Traces: realtracker cookie
12:15 PM: Quarantining All Traces: rednova cookie
12:15 PM: Quarantining All Traces: redzip cookie
12:15 PM: Quarantining All Traces: reunion cookie
12:15 PM: Quarantining All Traces: revenue.net cookie
12:15 PM: Quarantining All Traces: rightmedia cookie
12:15 PM: Quarantining All Traces: rn11 cookie
12:15 PM: Quarantining All Traces: sb01 cookie
12:15 PM: Quarantining All Traces: screensavers.com cookie
12:15 PM: Quarantining All Traces: server.iad.liveperson cookie
12:15 PM: Quarantining All Traces: specificclick.com cookie
12:15 PM: Quarantining All Traces: specificpop cookie
12:15 PM: Quarantining All Traces: spylog cookie
12:15 PM: Quarantining All Traces: spywarestormer cookie
12:15 PM: Quarantining All Traces: st.sageanalyst cookie
12:15 PM: Quarantining All Traces: tacoda cookie
12:15 PM: Quarantining All Traces: tickle cookie
12:15 PM: Quarantining All Traces: toplist cookie
12:15 PM: Quarantining All Traces: toprebates.com cookie
12:15 PM: Quarantining All Traces: touchclarity cookie
12:15 PM: Quarantining All Traces: upspiral cookie
12:15 PM: Quarantining All Traces: valuead cookie
12:15 PM: Quarantining All Traces: websponsors cookie
12:15 PM: Quarantining All Traces: x10 cookie
12:15 PM: Quarantining All Traces: xiti cookie
12:15 PM: Quarantining All Traces: xzoomy cookie
12:15 PM: Quarantining All Traces: yieldmanager cookie
12:15 PM: Quarantining All Traces: zedo cookie
12:16 PM: Removal process completed. Elapsed time 00:01:10

Here is my microsoft anti spyware log:

2/4/2006 2:30:43 AM::------------------------------------------------------------------
2/4/2006 2:30:43 AM::Initializing Clean - (ScanID: F5063F67-6487-469F-8946-B80E00)
2/4/2006 2:30:43 AM::Unititializing Clean
2/4/2006 2:30:43 AM::------------------------------------------------------------------
2/4/2006 11:50:02 AM::------------------------------------------------------------------
2/4/2006 11:50:02 AM::Initializing Clean - (ScanID: F5063F67-6487-469F-8946-B80E00)
2/4/2006 11:50:02 AM::Remove Threat (ID:16416)
2/4/2006 11:50:02 AM::Clean Threat BackDoor.Galapop.A (ID:16416)
2/4/2006 11:50:04 AM:elete registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run [aupd=C:\WINDOWS\System32\symsvcsa.exe]
2/4/2006 11:50:04 AM::Clean Threat BackDoor.Galapop.A (ID:16416) Complete
2/4/2006 11:50:05 AM::Remove Threat (ID:16416) Complete
2/4/2006 11:50:05 AM::Remove Threat (ID:11648)
2/4/2006 11:50:05 AM::Clean Threat StatBlaster (ID:11648)
2/4/2006 11:50:06 AM::Removing file c:\documents and settings\peter j. dwyer\local settings\tempwm_fuins.bat
2/4/2006 11:50:06 AM:isable file c:\documents and settings\peter j. dwyer\local settings\tempwm_fuins.bat and quarantine to C:\Program Files\Microsoft AntiSpyware\Quarantine\04614DD5-6381-4B18-ACE2-218258\4E3DEF5E-E27D-480B-BF67-A04BCF
2/4/2006 11:50:07 AM::Clean Threat StatBlaster (ID:11648) Complete
2/4/2006 11:50:07 AM::Remove Threat (ID:11648) Complete
2/4/2006 11:50:07 AM::Remove Threat (ID:13770)
2/4/2006 11:50:07 AM::Clean Threat Twain Tech (ID:13770)
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTI7d8OfSInst={5B9E7366-2010-43A6-9F69-D13188399497}
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTC7n8trMsgSDisp=0
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTI7d8OfSDist=THNALL1T
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTT7o8pListSPos=0
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTI7n8ProgSCab=0
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTI7n8ProgSEx=0
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget [MTI7n8ProgSLstest=0
2/4/2006 11:50:08 AM::Removing registry value HKEY_CURRENT_USER\Software\MxTarget
2/4/2006 11:50:08 AM::Removing registry key HKEY_CURRENT_USER\Software\MxTarget
2/4/2006 11:50:08 AM::Clean Threat Twain Tech (ID:13770) Complete
2/4/2006 11:50:09 AM::Remove Threat (ID:13770) Complete
2/4/2006 11:50:09 AM::Unititializing Clean
2/4/2006 11:50:09 AM::------------------------------------------------------------------
2/4/2006 12:20:31 PM::------------------------------------------------
2/4/2006 12:20:31 PM:tarting GIANT AS Cleaner
2/4/2006 12:20:31 PM::Running all Cleaner deletes
2/4/2006 12:20:31 PM::---Starting Quick Cleaner DelRegValues
2/4/2006 12:20:31 PM::Checking threats to clean
2/4/2006 12:20:31 PM::Ending GIANT AS Cleaner
2/4/2006 12:20:31 PM::------------------------------------------------
I Had to run ewido anti maleware 3 different times, dont ask my why, but here they are:

EWIDO 1:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:02:48 PM, 2/2/2006
+ Report-Checksum: 7C95AF80

+ Scan result:

HKLM\SOFTWARE\Classes\Replace.HBO -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Replace.HBO\CLSID -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Replace.HBO\CurVer -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Replace.HBO.1 -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Spyware.PurityScan : Cleaned with backup
HKU\S-1-5-21-3977429315-1877297475-578083254-1007\Software\Microsoft\Internet Explorer\Keywords -> Spyware.CoolWebSearch : Cleaned with backup
C:\counter.cab/counter.exe -> Dropper.Small.ls : Error during cleaning
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20050927155718.zip/Program Files/common files/wintools/WToolsB.dll -> Spyware.Wintol : Cleaned with backup
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20050927155718.zip/Program Files/common files/wintools/WSup.exe -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\02fk.sys -> Trojan.Kolweb.e : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\260.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\cIx.dll -> Adware.MidADle : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\k1bm.sys -> Trojan.Kolweb.b : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\u2kr65r.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\wzg7d0.sys -> Trojan.Delf.cf : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\x80.sys -> Trojan.Kolweb.b : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~359634.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~374043.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~391410.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~394333.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~409058.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~413222.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~418595.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~437203.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~444674.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~502046.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~503843.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~531514.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~561335.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~564229.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~582443.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~595832.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~623648.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~635059.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~635724.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~646402.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~652952.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~656735.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~658156.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~660623.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~664262.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~672095.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~678599.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~706768.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~709401.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~709974.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~728834.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~731163.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~735272.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~744592.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~748831.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~749081.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~771535.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~775566.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~778132.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~781824.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~785012.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~788774.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~814673.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~816670.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~855876.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~871963.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~888187.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~904025.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~912927.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Laura Dwyer\Local Settings\Temp\~919204.tmp -> Spyware.Wintools : Cleaned with backup


::Report End

EWIDO 2:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 6:54:23 AM, 2/3/2006
+ Report-Checksum: 342D7A0D

+ Scan result:

C:\counter.cab/counter.exe -> Dropper.Small.ls : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\!update.exe -> Downloader.PurityScan.be : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\260.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\down.cab/WToolsB.dll -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\ezw.exe -> Adware.eZula : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\rs.exe -> Downloader.Agent.df : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI384D.tmp\mxTarget.cab/mxTarget.dll -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI384D.tmp\mxTarget.cab/preInsMt.exe -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI3BE5.tmp\twaintec.cab/twaintec.dll -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI3BE5.tmp\twaintec.cab/preInsTT.exe -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI3BE5.tmp\twaintec.cab/polall1t.exe -> Downloader.Agent.ae : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI5FBB.tmp\mxTarget.cab/mxTarget.dll -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI5FBB.tmp\mxTarget.cab/preInsMt.exe -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI7568.tmp\mxTarget.cab/mxTarget.dll -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\THI7568.tmp\mxTarget.cab/preInsMt.exe -> Spyware.BiSpy : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\u2kr65r.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~404792.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~434794.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~465986.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~468170.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~470118.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~473757.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~474444.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~475182.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~488215.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~492915.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~505877.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~510058.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~510862.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~567680.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~573186.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~585583.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~590751.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~607813.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~629374.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~631797.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~643393.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~650384.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~655667.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~666227.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~668126.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~677714.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~693249.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~699084.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~702858.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~708609.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~710053.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~722224.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~723382.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~724552.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~745864.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~745921.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~751006.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~752771.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~754192.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~756389.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~759229.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~759718.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~760730.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~761207.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~761614.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~763129.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~774985.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~775452.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~776824.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~776930.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~784270.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~785833.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~787994.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~788637.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~790876.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~792626.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~794327.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~794555.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~799712.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~803020.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~804189.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~809812.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~810381.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~810526.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~815098.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~818570.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~833255.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~833362.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~834781.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~836623.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~841271.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~843168.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~844495.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~847956.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~854180.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~855083.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~856187.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~857505.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~858101.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~858793.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~875847.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~921517.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~923185.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Peter J. Dwyer\Local Settings\Temp\~934820.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\02fk.sys -> Trojan.Kolweb.e : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\260.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\CBz.dll -> Adware.MidADle : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\DYm8.dll -> Adware.MidADle : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\u2kr65r.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~338936.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~409925.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~416650.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~421718.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~455006.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~467068.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~470256.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~483107.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~489284.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~498762.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~502916.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~527847.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~542321.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~545322.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~551197.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~552548.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~554048.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~557183.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~558788.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~562298.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~567094.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~580977.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~585048.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~603254.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~604458.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~606569.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~608687.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~613386.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~621617.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~622625.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~623704.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~624863.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~627056.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~629528.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~630610.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~633376.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~638087.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~640259.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~644524.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~649292.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~652234.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~654009.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~655641.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~657648.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~660409.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~661420.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~662423.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~667915.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~676578.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~677258.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~678651.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~679048.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~679845.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~680043.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~680362.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~680477.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~681867.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~682286.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~685964.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~687684.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~690310.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~690766.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~692278.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~693788.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~694144.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~697368.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~698874.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~699052.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~701673.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~702500.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~708504.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~709374.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~710160.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~710577.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~711437.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~714030.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~717423.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~725145.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~727379.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~728541.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~729291.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~732886.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~735124.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~735715.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~739908.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~740332.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~741848.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~745685.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~745851.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~747073.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~751346.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~754781.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~757254.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~757970.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~758467.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~760378.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~763578.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~779580.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~781719.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~784222.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~789060.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~792347.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~794374.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~795593.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~803094.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~804481.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~804638.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~808026.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~808207.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~808419.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~809068.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~809112.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~816337.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~816342.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~816666.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~817736.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~820451.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~823159.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~828653.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~829334.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~834307.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~836796.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~837524.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~838780.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~848188.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~856906.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~857047.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~866355.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~905052.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~906339.tmp -> Spyware.Wintools : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~922199.tmp -> Downloader.WinTool : Cleaned with backup
C:\Documents and Settings\Victoria Dwyer\Local Settings\Temp\~942452.tmp -> Spyware.Wintools : Cleaned with backup
C:\Program Files\America Online 9.0\download\fdsf -> Hijacker.Spywad.l : Cleaned with backup
C:\Program Files\America Online 9.0\download\sdfff -> Downloader.Small.awa : Cleaned with backup
C:\Program Files\America Online 9.0\download\wdcevf -> Downloader.Small.bwr : Cleaned with backup
C:\Program Files\America Online 9.0\download\zxczxc -> Trojan.Dialer.mi : Cleaned with backup
C:\Program Files\Internet Explorer\pmofupwj.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll -> Spyware.Comet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP729\A0234799.dll -> Trojan.Kolweb.d : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP751\A0240538.exe -> Downloader.PurityScan.au : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP751\A0240539.dll -> Spyware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP751\A0240540.exe -> Spyware.MediaTickets : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0243004.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0243005.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP754\A0243031.exe -> Spyware.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243041.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243042.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243072.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243076.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243092.exe -> Trojan.Dialer.mi : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0243104.exe -> Trojan.Dialer.ay : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0244076.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0244077.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0244093.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0244095.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP755\A0244135.exe -> Downloader.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP757\A0244249.exe -> Downloader.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP758\A0244381.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP758\A0244382.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP759\A0244461.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP759\A0244463.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP760\A0244643.exe -> Spyware.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP760\A0244647.exe -> Proxy.Small.cf : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP760\A0244695.exe -> Downloader.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP760\A0244739.exe -> Downloader.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP763\A0244956.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP763\A0244957.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP764\A0244991.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP764\A0244992.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP764\A0244994.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP764\A0244995.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP764\A0244996.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP769\A0245682.exe -> Downloader.CWS.r : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP769\A0245752.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP770\A0245890.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP770\A0245946.exe -> Downloader.CWS.r : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP770\A0245948.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP770\A0246004.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP771\A0246013.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP771\A0246072.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP772\A0246153.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP773\A0246213.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP774\A0246308.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP774\A0246325.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP774\A0246347.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP775\A0246407.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246515.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246529.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246531.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246532.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246533.exe -> Logger.Agent.ig : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246534.exe -> Downloader.CWS : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246535.exe -> Downloader.Small.bwr : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246536.exe -> Downloader.Small.awa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246539.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0246541.exe -> Proxy.Small.cf : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP781\A0248875.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP781\A0248956.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP781\A0248959.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP782\A0249100.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP782\A0249106.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP784\A0249217.exe -> Adware.MediaTickets : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP784\A0249218.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP784\A0249219.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP785\A0249317.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP785\A0249318.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP786\A0249354.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP786\A0249355.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP789\A0249573.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP789\A0249574.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP789\A0249604.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP789\A0249606.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP791\A0249730.exe -> Hijacker.Spywad.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP792\A0249806.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP792\A0249807.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250332.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
C:\WINDOWS\SYSTEM32\10243_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\11218_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\11583_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\13309_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\13388_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\14147_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\14868_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\1572_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\1580_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\17263_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\1938_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\20360_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\21176_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\21412_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\22635_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\22827_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\24194_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\24758_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\2695_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\27177_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\27933_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\28666_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\28801_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\30089_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\30933_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\31280_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\31767_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\32558_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\3839_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\3881_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\4401_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\5867_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\9070_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\9781_up.exe -> Worm.Sasser.A : Cleaned with backup
C:\WINDOWS\SYSTEM32\b4ax3i.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\SYSTEM32\bmk13.exe -> Trojan.Favadd.a : Cleaned with backup
C:\WINDOWS\SYSTEM32\casino.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\SYSTEM32\d2kbpn.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\SYSTEM32\exeha2.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\WINDOWS\SYSTEM32\ll.exe -> Proxy.Lager.f : Cleaned with backup
C:\WINDOWS\SYSTEM32\n6cf.dll -> Trojan.Kolweb.f : Cleaned with backup
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE -> Downloader.Small.jc : Cleaned with backup
C:\WINDOWS\SYSTEM32\nxh83.dll -> Trojan.Kolweb.f : Cleaned with backup
C:\WINDOWS\SYSTEM32\oins.exe -> Spyware.MediaTickets : Cleaned with backup
C:\WINDOWS\SYSTEM32\symsvcsa.exe -> Trojan.Small : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysupd1003.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\SYSTEM32\sywsvcs.exe -> Backdoor.Small : Cleaned with backup
C:\WINDOWS\SYSTEM32\u2kr65r.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\SYSTEM32\urhcbm0.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\SYSTEM32\~update.exe -> Trojan.Small : Cleaned with backup
C:\WINDOWS\u2kr65r.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\UnstSA2.exe -> Dropper.Delf.z : Cleaned with backup


::Report End

EWIDO 3:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:48:04 AM, 2/4/2006
+ Report-Checksum: AB20A6DF

+ Scan result:

HKU\S-1-5-21-3977429315-1877297475-578083254-1009\Software\Microsoft\Internet Explorer\Keywords -> Spyware.CoolWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250389.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250390.dll -> Spyware.Comet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250391.exe -> Adware.MediaTickets : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250392.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250393.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250394.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250395.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250396.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250397.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250398.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250399.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250400.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250401.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250402.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250403.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250404.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250405.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250406.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250407.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250408.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250409.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250410.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250411.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250412.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250413.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250414.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250415.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250416.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250417.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250418.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250419.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250420.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250421.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250422.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250423.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250424.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250425.exe -> Worm.Sasser.A : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250426.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250427.exe -> Trojan.Favadd.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250428.exe -> Dialer.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250429.exe -> Dialer.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250430.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250431.exe -> Proxy.Lager.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250432.dll -> Trojan.Kolweb.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250433.EXE -> Downloader.Small.jc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250434.dll -> Trojan.Kolweb.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250435.exe -> Spyware.MediaTickets : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250436.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250437.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250438.exe -> Backdoor.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250439.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250440.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250441.exe -> Trojan.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250442.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0250443.exe -> Dropper.Delf.z : Cleaned with backup


::Report End


AGAIN THANKS TO EVERYONE WHO HELPED ME OUT!
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum
Thread Tools Search this Thread



adware anti-malware anti-virussitesaccessissue antivirus attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system trojan unwanted update usa virus viruses vista war warning windows worm yahoo zeroday
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC