0

i've tried several different things in trying to remove these programs and done a lot of research. I've learned that i need a pro to go through my HJT log and give me some steps on how to get rid of it. I've tried HSRemove, CWShredder, About:Buster, and several virus scanners including Spybot and Adaware. I've lost the use of several programs including interent explorer and Aim (i've switched to Firefox as my web browser). Any and all help would be greatly appreciated. Thank You!

Here is my current HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 2:48:03 PM, on 8/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\iehl32.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\AT&T\WnClient\Programs\WNConnect.exe
C:\PROGRA~1\AT&T\WnClient\Programs\WNCSMS~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {11385C18-9788-41BB-1120-99D508537CF7} - C:\WINDOWS\system32\crvi32.dll (file missing)
O2 - BHO: Class - {21204F9B-E08B-9E2A-C0B8-0DA765FD3394} - C:\WINDOWS\winel32.dll
O2 - BHO: Class - {24D87AB5-7115-66D2-F97A-234319B569B2} - C:\WINDOWS\netxr.dll (file missing)
O2 - BHO: Class - {3F83AEC3-983B-9E28-2594-47C2D6EF242D} - C:\WINDOWS\msls32.dll (file missing)
O2 - BHO: Class - {424ECF3F-0AA2-ED97-35AB-180E7F0F8EB4} - C:\WINDOWS\addoe32.dll (file missing)
O2 - BHO: Class - {A2E2EDE4-E2D3-F3DF-1F23-8C3BEE10E0AA} - C:\WINDOWS\system32\netzs.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {E7077AA3-E05A-805B-4D85-F99FE9283C46} - C:\WINDOWS\d3fi32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [addoe32.exe] C:\WINDOWS\addoe32.exe
O4 - HKLM\..\Run: [iehl32.exe] C:\WINDOWS\iehl32.exe
O4 - HKLM\..\RunOnce: [javayg32.exe] C:\WINDOWS\javayg32.exe
O4 - HKLM\..\RunOnce: [addpw32.exe] C:\WINDOWS\system32\addpw32.exe
O4 - HKLM\..\RunOnce: [atlxk32.exe] C:\WINDOWS\atlxk32.exe
O4 - HKLM\..\RunOnce: [sdkig32.exe] C:\WINDOWS\sdkig32.exe
O4 - HKLM\..\RunOnce: [javadd32.exe] C:\WINDOWS\javadd32.exe
O4 - HKLM\..\RunOnce: [mfcxs32.exe] C:\WINDOWS\system32\mfcxs32.exe
O4 - HKLM\..\RunOnce: [syscu.exe] C:\WINDOWS\syscu.exe
O4 - HKLM\..\RunOnce: [sdkay.exe] C:\WINDOWS\system32\sdkay.exe
O4 - HKLM\..\RunOnce: [ipxv32.exe] C:\WINDOWS\system32\ipxv32.exe
O4 - HKLM\..\RunOnce: [appcx.exe] C:\WINDOWS\system32\appcx.exe
O4 - HKLM\..\RunOnce: [appwj32.exe] C:\WINDOWS\system32\appwj32.exe
O4 - HKLM\..\RunOnce: [winug32.exe] C:\WINDOWS\system32\winug32.exe
O4 - HKLM\..\RunOnce: [crzi32.exe] C:\WINDOWS\system32\crzi32.exe
O4 - HKLM\..\RunOnce: [crtu.exe] C:\WINDOWS\system32\crtu.exe
O4 - HKLM\..\RunOnce: [apiyw32.exe] C:\WINDOWS\system32\apiyw32.exe
O4 - HKLM\..\RunOnce: [netge32.exe] C:\WINDOWS\system32\netge32.exe
O4 - HKLM\..\RunOnce: [mfcbi32.exe] C:\WINDOWS\system32\mfcbi32.exe
O4 - HKLM\..\RunOnce: [ntrf.exe] C:\WINDOWS\system32\ntrf.exe
O4 - HKLM\..\RunOnce: [appfc32.exe] C:\WINDOWS\system32\appfc32.exe
O4 - HKLM\..\RunOnce: [ieep32.exe] C:\WINDOWS\ieep32.exe
O4 - HKLM\..\RunOnce: [mfckj32.exe] C:\WINDOWS\mfckj32.exe
O4 - HKLM\..\RunOnce: [ipeg.exe] C:\WINDOWS\ipeg.exe
O4 - HKLM\..\RunOnce: [atlgg32.exe] C:\WINDOWS\system32\atlgg32.exe
O4 - HKLM\..\RunOnce: [appgl32.exe] C:\WINDOWS\system32\appgl32.exe
O4 - HKLM\..\RunOnce: [sdktq32.exe] C:\WINDOWS\system32\sdktq32.exe
O4 - HKLM\..\RunOnce: [mfcwz32.exe] C:\WINDOWS\mfcwz32.exe
O4 - HKLM\..\RunOnce: [mfcuv.exe] C:\WINDOWS\system32\mfcuv.exe
O4 - HKLM\..\RunOnce: [atlbs.exe] C:\WINDOWS\system32\atlbs.exe
O4 - HKLM\..\RunOnce: [apizw32.exe] C:\WINDOWS\apizw32.exe
O4 - HKLM\..\RunOnce: [craw.exe] C:\WINDOWS\craw.exe
O4 - HKLM\..\RunOnce: [sdktz32.exe] C:\WINDOWS\sdktz32.exe
O4 - HKLM\..\RunOnce: [sysnh32.exe] C:\WINDOWS\system32\sysnh32.exe
O4 - HKLM\..\RunOnce: [netzm32.exe] C:\WINDOWS\netzm32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://anu.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D934B0F-C173-4683-B68F-CE3C7E158D1E}: NameServer = 12.102.244.4 204.127.129.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D934B0F-C173-4683-B68F-CE3C7E158D1E}: NameServer = 12.102.244.4 204.127.129.4
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\javayg32.exe" /s (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

2
Contributors
8
Replies
9
Views
12 Years
Discussion Span
Last Post by swatkat
0

Hi,
Open NotePad, and copy the contents of the below "Quote" box:-

cd %windir%
attrib -s -r -h iehl32.exe
del iehl32.exe
attrib -s -r -h addoe32.exe
del addoe32.exe
attrib -s -r -h javayg32.exe
del javayg32.exe
attrib -s -r -h atlxk32.exe
del atlxk32.exe
attrib -s -r -h sdkig32.exe
del sdkig32.exe
attrib -s -r -h javadd32.exe
del javadd32.exe
attrib -s -r -h syscu.exe
del syscu.exe
attrib -s -r -h ieep32.exe
del ieep32.exe
attrib -s -r -h mfckj32.exe
del mfckj32.exe
attrib -s -r -h ipeg.exe
del ipeg.exe
attrib -s -r -h mfcwz32.exe
del mfcwz32.exe
attrib -s -r -h apizw32.exe
del apizw32.exe
attrib -s -r -h craw.exe
del craw.exe
attrib -s -r -h sdktz32.exe
del sdktz32.exe
attrib -s -r -h netzm32.exe
del netzm32.exe
cd system32
attrib -s -r -h mfcxs32.exe
del mfcxs32.exe
attrib -s -r -h addpw32.exe
del addpw32.exe
attrib -s -r -h sdkay.exe
del sdkay.exe
attrib -s -r -h ipxv32.exe
del ipxv32.exe
attrib -s -r -h appcx.exe
del appcx.exe
attrib -s -r -h appwj32.exe
del appwj32.exe
attrib -s -r -h winug32.exe
del winug32.exe
attrib -s -r -h crzi32.exe
del crzi32.exe
attrib -s -r -h crtu.exe
del crtu.exe
attrib -s -r -h apiyw32.exe
del apiyw32.exe
attrib -s -r -h netge32.exe
del netge32.exe
attrib -s -r -h mfcbi32.exe
del mfcbi32.exe
attrib -s -r -h ntrf.exe
del ntrf.exe
attrib -s -r -h appfc32.exe
del appfc32.exe
attrib -s -r -h atlgg32.exe
del atlgg32.exe
attrib -s -r -h appgl32.exe
del appgl32.exe
attrib -s -r -h sdktq32.exe
del sdktq32.exe
attrib -s -r -h mfcuv.exe
del mfcuv.exe
attrib -s -r -h atlbs.exe
del atlbs.exe
attrib -s -r -h sysnh32.exe
del sysnh32.exe

Go to File Menu > Save As, and save the file with the name Test.bat and exit from NotePad.


Download Ewido and install it. Then run, you will receive a warning message saying "Database not found", click "OK" for this. Next in the main screen, click "Update" and click "Start Update". After the update process, exit from Ewido.

Download CCleaner and install it.


Make Windows to show all files:-
Go to Start > My Computer.
Go to Tools menu, click Folder Options (Folder Option will be in View Menu in Win98).
Uncheck Hide protected operating system files.
Then, click to select the option Show hidden files and folders.
Click Apply and then click OK to exit.


Reboot in Safe Mode:-
Restart (or switch ON) the PC.
Then, keep tapping the F8 Key.
From the menu that will be displayed, out of which choose Safe Mode and press Enter.


Run HijackThis and click Do only a System scan.
Then put a check mark infront of below listed entries:-

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {11385C18-9788-41BB-1120-99D508537CF7} - C:\WINDOWS\system32\crvi32.dll (file missing)
O2 - BHO: Class - {21204F9B-E08B-9E2A-C0B8-0DA765FD3394} - C:\WINDOWS\winel32.dll
O2 - BHO: Class - {24D87AB5-7115-66D2-F97A-234319B569B2} - C:\WINDOWS\netxr.dll (file missing)
O2 - BHO: Class - {3F83AEC3-983B-9E28-2594-47C2D6EF242D} - C:\WINDOWS\msls32.dll (file missing)
O2 - BHO: Class - {424ECF3F-0AA2-ED97-35AB-180E7F0F8EB4} - C:\WINDOWS\addoe32.dll (file missing)
O2 - BHO: Class - {A2E2EDE4-E2D3-F3DF-1F23-8C3BEE10E0AA} - C:\WINDOWS\system32\netzs.dll (file missing)
O2 - BHO: Class - {E7077AA3-E05A-805B-4D85-F99FE9283C46} - C:\WINDOWS\d3fi32.dll
O4 - HKLM\..\Run: [addoe32.exe] C:\WINDOWS\addoe32.exe
O4 - HKLM\..\Run: [iehl32.exe] C:\WINDOWS\iehl32.exe
O4 - HKLM\..\RunOnce: [javayg32.exe] C:\WINDOWS\javayg32.exe
O4 - HKLM\..\RunOnce: [addpw32.exe] C:\WINDOWS\system32\addpw32.exe
O4 - HKLM\..\RunOnce: [atlxk32.exe] C:\WINDOWS\atlxk32.exe
O4 - HKLM\..\RunOnce: [sdkig32.exe] C:\WINDOWS\sdkig32.exe
O4 - HKLM\..\RunOnce: [javadd32.exe] C:\WINDOWS\javadd32.exe
O4 - HKLM\..\RunOnce: [mfcxs32.exe] C:\WINDOWS\system32\mfcxs32.exe
O4 - HKLM\..\RunOnce: [syscu.exe] C:\WINDOWS\syscu.exe
O4 - HKLM\..\RunOnce: [sdkay.exe] C:\WINDOWS\system32\sdkay.exe
O4 - HKLM\..\RunOnce: [ipxv32.exe] C:\WINDOWS\system32\ipxv32.exe
O4 - HKLM\..\RunOnce: [appcx.exe] C:\WINDOWS\system32\appcx.exe
O4 - HKLM\..\RunOnce: [appwj32.exe] C:\WINDOWS\system32\appwj32.exe
O4 - HKLM\..\RunOnce: [winug32.exe] C:\WINDOWS\system32\winug32.exe
O4 - HKLM\..\RunOnce: [crzi32.exe] C:\WINDOWS\system32\crzi32.exe
O4 - HKLM\..\RunOnce: [crtu.exe] C:\WINDOWS\system32\crtu.exe
O4 - HKLM\..\RunOnce: [apiyw32.exe] C:\WINDOWS\system32\apiyw32.exe
O4 - HKLM\..\RunOnce: [netge32.exe] C:\WINDOWS\system32\netge32.exe
O4 - HKLM\..\RunOnce: [mfcbi32.exe] C:\WINDOWS\system32\mfcbi32.exe
O4 - HKLM\..\RunOnce: [ntrf.exe] C:\WINDOWS\system32\ntrf.exe
O4 - HKLM\..\RunOnce: [appfc32.exe] C:\WINDOWS\system32\appfc32.exe
O4 - HKLM\..\RunOnce: [ieep32.exe] C:\WINDOWS\ieep32.exe
O4 - HKLM\..\RunOnce: [mfckj32.exe] C:\WINDOWS\mfckj32.exe
O4 - HKLM\..\RunOnce: [ipeg.exe] C:\WINDOWS\ipeg.exe
O4 - HKLM\..\RunOnce: [atlgg32.exe] C:\WINDOWS\system32\atlgg32.exe
O4 - HKLM\..\RunOnce: [appgl32.exe] C:\WINDOWS\system32\appgl32.exe
O4 - HKLM\..\RunOnce: [sdktq32.exe] C:\WINDOWS\system32\sdktq32.exe
O4 - HKLM\..\RunOnce: [mfcwz32.exe] C:\WINDOWS\mfcwz32.exe
O4 - HKLM\..\RunOnce: [mfcuv.exe] C:\WINDOWS\system32\mfcuv.exe
O4 - HKLM\..\RunOnce: [atlbs.exe] C:\WINDOWS\system32\atlbs.exe
O4 - HKLM\..\RunOnce: [apizw32.exe] C:\WINDOWS\apizw32.exe
O4 - HKLM\..\RunOnce: [craw.exe] C:\WINDOWS\craw.exe
O4 - HKLM\..\RunOnce: [sdktz32.exe] C:\WINDOWS\sdktz32.exe
O4 - HKLM\..\RunOnce: [sysnh32.exe] C:\WINDOWS\system32\sysnh32.exe
O4 - HKLM\..\RunOnce: [netzm32.exe] C:\WINDOWS\netzm32.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://anu.popcap.com/games/popcaploader_v6.cab
O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\javayg32.exe" /s (file missing)

Close all other open programs except Hijackthis and click the button Fix Checked in HijackThis.


Double-Click on the file Test.bat, a small DOS type window should open and close immediately.

Run CCleaner, click "Options" button and here go to "Advanced" tab and uncheck the option "Only delete files in Windows Temp folder older than 48 hours".
Click OK to exit from the Options.
Finally click "Run Cleaner" and click "OK" to continue cleaning.

Run Ewido, click on the "Scanner" button in the left menu, then click on the "Start" button.
If ewido finds anything, it will pop up a notification. You can select "Clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
When the scan finishes, click on "Save Report". This will create a text file.


Reboot to Normal Mode. Run HijackThis again, click Do a System scan and save log, and post the fresh log along with the Ewido log.

0

thanks a ton for helping me out!
i really appreciate it!

i didnt have any problems with your directions.

heres the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 10:42:44 PM, on 8/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {42A72D7B-97C0-DF8C-21C4-4B2E4F6B1A0A} - C:\WINDOWS\system32\msor32.dll (file missing)
O2 - BHO: Class - {AEC09CC4-4C18-178C-38D0-22D9E0B785FD} - C:\WINDOWS\msqs32.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ntvu.exe] C:\WINDOWS\ntvu.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\javayg32.exe" /s (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

0

and heres the ewido log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------


+ Created on:           10:36:27 PM, 8/4/2005
+ Report-Checksum:      8611EC67


+ Scan result:


HKLM\SOFTWARE\Classes\CLSID\{05CFF62B-F8EF-A6A3-C2D8-0649EE07F197} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07F0CAA0-8206-9DCC-5402-D4CC24EC1764} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{16C710FD-4C93-9C02-15FC-681DF7937350} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1C1F1B09-C5DE-0C47-B128-B83F5668EB83} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D232F9D-941D-5CD9-732F-8F6EC1977CF2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{207FA229-5C54-6B41-BFEE-0F4A12371E70} -> Spyware.MidAddle : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{26F5CDB0-3ADD-70F3-F30F-8DD2B92D52FF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2D7C78D3-F49A-8BD3-9A98-41F319D802B2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{36A41F9E-B433-C078-89AE-486D2624C972} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38BCC2CD-AF0A-EC41-D4CB-035F1C7378C9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{44A4F449-ADED-A513-8AE7-5A3DDF205F49} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FFB405E-2D99-7374-B6D3-F0CD9DC8744E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F1C7FC6-359E-6D58-42B3-3E410DB4CADB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6A493714-8012-621E-A09E-CD80FF52FB1F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7394CC45-E29E-AC0B-19B4-FA1B376B3209} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{76321C6A-B800-93A4-24BB-B1F318D2A8E0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83CBE2FB-4038-4351-9B1C-E69BF75962AA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8BB0647D-D9C2-CB7B-7651-2618BD82261B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{98832348-0E38-D102-51A5-517934760119} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC0FE7F5-AD1D-A795-C683-F3EB54072EFE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BD00AB82-F105-58F8-2B31-B600383177E6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C432F8C9-5E41-F564-674E-C21B8257061B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E2C9F72D-0138-BCB7-FEC5-19DFD2369867} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E5181BB3-B821-0D7B-D568-3766286D5460} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F2903213-C2D0-B852-F56D-8B10D6C8C121} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F55B9B22-5BAA-C8BB-5C3F-3E652D794BF7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F9611D23-F7B8-A44B-E962-46EE65E5DBA4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FDEDD1BB-EE5D-1AF2-C50B-11681C5E2A93} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW -> Spyware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\Alex\Desktop\hijackthis\backups\backup-20050803-155649-166.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\CP8T4TOL\CursorManiaSetup2.0.3.26[1].exe -> Spyware.MyWebSearch : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Zach\Application Data\Mozilla\Firefox\Profiles\48cbbbzq.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@hypertracker[2].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Zach\Cookies\zach@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Zach\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0F.dat/files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\hijackthis\backups\backup-20050803-155649-166.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\hijackthis\backups\backup-20050804-214252-973.dll -> Not-A-Virus.PornWare.PopCap.b : Cleaned with backup
C:\QUARANTINE\addsr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\apiio.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\crai.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\crqi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\crvi32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\QUARANTINE\crwk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\d3di32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\d3gc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\d3ly.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\d3tt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\mfciy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\mfckd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\msls32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\QUARANTINE\msym32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\netxr.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\QUARANTINE\netzs.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\QUARANTINE\ntmc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\ntrd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\sdkfg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\QUARANTINE\sysua32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\AC3API.INI:glibm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\AC3API.INI:gvwtw -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\AC3API.INI:opxbg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\AC3API.INI:wffgqu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\AC3API.INI:wpwhln -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\adddm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addgd32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\addht32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addnf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addoz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addrf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addvs32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\afjoc.txt:prrdw -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\angcq.dat:yahbaz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apigf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiiu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apiiv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apiml.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apirw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appmi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apptf.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apptp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appyx32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlqk32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlrs32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlus.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlwo.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlyb32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\bcupd.txt:dzyqw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bcupd.txt:qhers -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bcupd.txt:yqbkal -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\beazg.dat:lhkoj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:auugig -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\BOOTSTAT.DAT:retmi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\BOXERJAM.INI:pqomfx -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\BOXERJAM.INI:xhegzf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\BOXERJAM.INI:xytoiq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\BOXERJAM.INI:zlcws -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bzfxz.dat:mikyw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bzfxz.dat:sunllq -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:adfagb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:clyix -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:hohkt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:hxhnhx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cjvpy.txt:ppyuq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:azwtd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:ersgkd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:hplcmp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:rskznt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\CLOCK.AVI:xkdulh -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:cfzjq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:hwlnwa -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:kkley -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:mejtt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:nxotmv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\CONTROL.INI:dwqehl -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\CONTROL.INI:mdtqc -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\corelpf.lrs:gyhygy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\corelpf.lrs:ojfma -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crav.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crkl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crnu.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crpy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crrp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crrx32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crut.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crvj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3ah.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3kl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3ld32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3nl32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3qj.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3vj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3wd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3xl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3xy32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DELL.BMP:klyqxp -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\DELL.BMP:minec -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\DELL.BMP:tcukle -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DESKTOP.INI:dahea -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\DESKTOP.INI:klvosu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dfuow.txt:irnlo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dfuow.txt:qzkrcs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ecaxv.txt:kxkyj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ecaxv.txt:nimtp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ecaxv.txt:xcypy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ehbuv.dat:zjktm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\flmzs.txt:kcvli -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fzbcj.txt:fidspb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fzbcj.txt:pylqgx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fzbcj.txt:ralrgz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fzbcj.txt:zvdji -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ghfxd.dat:pjighw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:dfezkh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:mubnlk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:ubqxn -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:qkglmo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:rbspq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:zzqkpg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hhfoj.dat:ccdim -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hhfoj.dat:vywefj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hilet.dat:qbjtqd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hiomv.txt:rcotu -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\hiomv.txt:ztwzzq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hlzlz.dat:fvthj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hlzlz.dat:fxusht -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hmwgy.dat:ecoimr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hqjhd.txt:cdreq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hqjhd.txt:cykldt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hqjhd.txt:suomut -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieck32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iedp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iedu32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iefi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iefr32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieqs.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipht32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipip.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipix32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipku32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipps32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipqx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iprp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipsw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iptu32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iptu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipul32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javacz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javacz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javafm.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javajj32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaqs32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javatg.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javazw32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jgsap.txt:ohotg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\jhdkz.txt:xoejvu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jledo.txt:megpap -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jledo.txt:ybeov -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\jpeuq.txt:odwikm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jsfoo.dat:bputya -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\jsfoo.dat:dctrch -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jsmhc.txt:tvfge -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\kdihl.txt:xctmag -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\klsjo.dat:wvkcx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\klsjo.dat:zizdc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\kystk.dat:dnmrj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\kystk.dat:qddzcq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Live.bmp:jchhs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Live.ico:xfkceh -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\lriti.txt:kadpb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\lriti.txt:yrkirj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\lunuf.txt:ewira -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\lunuf.txt:gaijcs -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\lunuf.txt:sungnl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcaj.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcda.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcda32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcdn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfced32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfciz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfclp.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcmf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcmp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcpn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfctq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcvo32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfpli.txt:hwnvt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mgdsc.dat:nbohx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mgipb.dat:aeuqi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mgipb.dat:opxbg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mkeop.txt:dozrby -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mkeop.txt:dzaebf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mkeop.txt:mtmpv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mnhok.dat:lzpgle -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\MSDFMAP.INI:gwtnn -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\MSDFMAP.INI:qfbfl -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\MSDFMAP.INI:xfdml -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mser32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msie.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msih.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msoffice.ini:igqsb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msqs32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msto.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mswv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msyk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\muopl.txt:dicuc -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mwxfi.dat:xupar -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netae32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netgm.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netgo.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netho32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\netxr.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netyu.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\nlakl.txt:cydbor -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\nlakl.txt:dgfae -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nlakl.txt:ffzchb -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\nlakl.txt:hogtm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nlakl.txt:oadwxs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nltcb.dat:nmjlt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\nsreg.dat:aokvsz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nsreg.dat:bhnxh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nsreg.dat:eforth -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nsreg.dat:gnhcpe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nsreg.dat:pvhnm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\nsreg.dat:setdy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\nsreg.dat:zaeayz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntgu.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nthz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntiu32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntiz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntmj32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntof32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntsn.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nttu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntus.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntvu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nzxog.txt:xrxio -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_axsxqa.txt:pnuyhi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_axsxqa.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ayawsa.txt:gwaunw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_ayawsa.txt:skieuc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_ayawsa.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_busaco.txt:yomdp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_cthfuc.txt:inndbk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_cthfuc.txt:spkyi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_cthfuc.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_ecgyjs.dat:oxoxsb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_elkhsb.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_fctjms.dat:nhtclr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_fctjms.dat:vyobp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_fctjms.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hbcoad.txt:bkqpwg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_hbcoad.txt:spzgm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_hbcoad.txt:yxtzpg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hbcoad.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hqrlws.txt:ickwv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_hqrlws.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_otnmdp.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ungipx.txt:dqkri -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ungipx.txt:lwnul -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_ungipx.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_vubwwh.txt:huari -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_vubwwh.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_wvqdur.dat:tdvpr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_wvqdur.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_yyllaq.txt:fwpvr -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\n_yyllaq.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oagti.txt:kmdxg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:abpmk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\odwik.txt:wlzrg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ogxyt.txt:qxagn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\opodx.txt:njxtrg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\opodx.txt:uhvqx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\opodx.txt:vcnosq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.INI:khjzyt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.INI:lwwpz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.INI:qarclz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ORUN32.ISU:hmcbc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.ISU:iwmaiy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.ISU:umprmt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ORUN32.ISU:yayzno -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\oyhsy.txt:efbftd -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\oyhsy.txt:nltcbs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oyhsy.txt:obgbjq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oyhsy.txt:vaimpo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pjhmj.txt:adiklo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pjhmj.txt:dtfgze -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pjhmj.txt:vdnjzm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pkilc.dat:ebgat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pkilc.dat:txduv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\PowerReg.dat:zswpzh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Prairie Wind.bmp:hlrtpn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ptmwt.txt:kdtxmb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pttdi.txt:ezhms -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\QTFont.for:kkwiq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\QTFont.qfn:qpbfc -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\qxumd.txt:nvixvv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\qxumd.txt:qkaiqf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rbdqo.dat:sccckh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rbdqo.dat:uiboyv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\REGLOCS.OLD:kykfdk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\REGLOCS.OLD:toeve -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\REGLOCS.OLD:vmaam -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\reneq.dat:bqmqy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\reneq.dat:hzlqtj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Rhododendron.bmp:crlfmx -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\Rhododendron.bmp:mppby -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:cofklq -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:qeubeu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:riywzl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rjjtt.txt:olipjl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rjjtt.txt:qoyupy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\roipc.txt:pgpehe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Route32.INI:iffpgw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Route32.INI:rttgb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Route32.INI:xqalu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rqnpt.dat:ujtavt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Santa Fe Stucco.bmp:agxuag -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Santa Fe Stucco.bmp:hetcdv -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\Santa Fe Stucco.bmp:jhiasi -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\SBWIN.INI:aisxez -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SBWIN.INI:rxghdv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdahd.txt:qubciz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdahd.txt:zcslml -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkdw32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkkj.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkse.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkvw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkxq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:jdlqow -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:owsrdm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\siepr.txt:gwkfxx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\skdyl.dat:dzjtxi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\skdyl.dat:hvnacl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\skdyl.dat:iejtmc -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\slkit.txt:hvetg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\smscfg.ini:cpiyz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\smscfg.ini:edaeqb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\smscfg.ini:lnswij -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\smscfg.ini:rgxve -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\smscfg.ini:znkuq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:crayup -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:ofxtg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:sddud -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sysag.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysgl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sysgl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysgy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysip.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysjx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\syskh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysne32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sysqh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM.INI:eokkcu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM.INI:vauzrs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM.INI:zyauvd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\123.45 -> TrojanDownloader.WinShow.ay : Cleaned with backup
C:\WINDOWS\SYSTEM32\addfr32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addiv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\addkv32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addpf.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\addtj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\addup32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addxm32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addxw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\apigy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\apioe32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\apipo.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\apitg32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\apiup.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\apixv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\appfa32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appkg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appkw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appme.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appua.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\appup32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlaf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlap32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlds.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlgy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlhb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlmm32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlnq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlpb32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\craz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crbc.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crbr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\crdl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crhb32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crkk32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crnk32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\crpn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crse32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crvc.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3az32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3bj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3eo32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3rk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3vi.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3wc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3yv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\iedr32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\iegl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\iejy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ielm.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\iemd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieqd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\iexw32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieyl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieyo.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieyy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipbg32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipgg32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipyr32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipyy.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipzk.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipzs32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javaba32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javafr.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javaio32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javapf.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\javasu32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javasw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcda32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcit32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcjz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfckb.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcmv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcon32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcoq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcqc32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcsd.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcse32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcta32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcym.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcyu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcyv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcza.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfczd.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\msak32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\msor32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\msor32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\msut.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mswh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\msyn.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netad32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netaz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netcg32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\netjv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\netod32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\netse.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\nettj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\netvt32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\netza32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntdq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntmk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntut.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkcl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkkf32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdklh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkpv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkyg32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkyh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\syskt32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\systg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysue32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysuz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\winct32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\windy32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winff.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\winjp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winpb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winvz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winxf.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\systk32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysvw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysvz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysxb32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysxr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\syszr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Textart.INI:bqnga -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Textart.INI:vattv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Textart.INI:wdtjkd -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\tpqwy.txt:cqcir -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tpqwy.txt:swhmc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tpqwy.txt:yjewq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\tyecm.dat:khwem -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tyecm.dat:tafjp -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ubtbo.txt:uehgr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ubtbo.txt:veona -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ubtbo.txt:wsjey -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ughgc.txt:ayool -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\uhdtl.txt:gamjvq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\uhdtl.txt:yhxlfw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\VB.INI:etibl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vjegx.txt:kbjilx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vjegx.txt:lzrzh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vjegx.txt:usnqg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\vygvr.txt:hsekxx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vygvr.txt:mggkff -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vygvr.txt:snzhlx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WIN.INI:kornnz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WIN.INI:lhhgzz -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\WIN.INI:ouzeoy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WIN.INI:sgvcka -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WIN.INI:wqihz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winai.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winak32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wined.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winhh32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winim.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wininit.ini:euqjc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wininit.ini:hnrjib -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\wininit.ini:mdjhfq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wininit.ini:pexgof -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wininit.ini:unoqlu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winjm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winlo32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WINNT.BMP:ipazax -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WINNT256.BMP:mzlkeb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WINNT256.BMP:xyxbz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winya32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winyn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wiplj.txt:gzeph -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\wiplj.txt:qmldkk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wlboe.txt:edumha -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wlboe.txt:hrkzg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\WMSysPr9.prx:vrbpi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\wzakp.txt:bownhx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wzakp.txt:fzbcjd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wzljd.txt:jthae -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wzljd.txt:nrucc -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\xiybf.dat:ktvrc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\xiybf.dat:mfzug -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\xqjgj.txt:czloxm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yjnaz.txt:vurgqk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ykxmp.txt:jeurjs -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ynwux.dat:mshlz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ynwux.dat:ytxny -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yujxo.txt:ebien -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ywczb.txt:jihtc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ywczb.txt:xgcec -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:beaizj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:biytvo -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:osgten -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:xsmsk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\zfrse.txt:tzisd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ztscu.dat:rqlni -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\zxquy.dat:lwocp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\zxquy.dat:tztbmd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zxquy.dat:yhshgk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aajuuu -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aewzjs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:afemuq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:afvpb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ahbjof -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aimkln -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ajwslr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aowrva -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:avpal -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aybii -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bdkbg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:beclz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:beyhr -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bjalo -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bjhks -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:blljpj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:boqmy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bptwd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bpugd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bpvdq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bqxpy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:brlhf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:brqqe -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bvdnd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bzaod -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bzinn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:bzjbi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cbvkra -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cdcpp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cdnfo -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cdryt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cjvjmt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cleuna -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cnvgaq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cqubov -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ctdavs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cusqq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cvncm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cwbbn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cwuohz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:czbihs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dbcvpy -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dcpmgz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dgmejc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:diwojp -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dlwtmk -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dnwrf -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dopskp -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dqtev -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dvulq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dxkpqy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dyeycc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dzzuzb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eclays -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:edxbe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:efefh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eglug -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eibzqa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eivmfq -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ejakt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ekrpfb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:emgbm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:emnyd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eneejs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:enyhto -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:epdzgy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:epgawb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:erapqw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:erfrbk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:erprwy -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:eucqgp -> Spyware.Ipyn : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fbbmd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fcplub -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fildra -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fizmh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fjrdy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fkqrfs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fkunr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fptpnb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fqbfc -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fqjqxo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:frzsb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ftyrlf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fuxozy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fwity -> TrojanDownloader.Agent.bc : Cleaned with backup



::Report End

thanks again!

Edited by happygeek: fixed formatting

0

new update: AIM now works but Add/REmove programs still shows that I have 180 Search Assistent

0

Hi,
Log looks cleaner now :) But there are some more things to remove :)
Open NotePad, and copy the contents of the below "Quote" box:-

cd %windir%
attrib -s -r -h ntvu.exe
del ntvu.exe
attrib -s -r -h javayg32.exe
del javayg32.exe

Go to File Menu > Save As, and save the file with the name Remove.bat and exit from NotePad.

Please download SpywareBlaster and install it.


Boot in safe mode.


Go to Start > Run and type services.msc and press ENTER. In the Services window that opens up, navigate to the service named Network Security Service ( 11Fßä#·ºÄÖ`I) and right-click it, and select "Properties".
In the Property window, click Stop in the "Service Status" option box. After this, in the "Startup" option box, select Disabled from the dropdown menu. Click "Apply" and then "OK".


Run HijackThis and click Do only a System scan.
Then put a check mark infront of below listed entries:-

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O2 - BHO: Class - {42A72D7B-97C0-DF8C-21C4-4B2E4F6B1A0A} - C:\WINDOWS\system32\msor32.dll (file missing)
O2 - BHO: Class - {AEC09CC4-4C18-178C-38D0-22D9E0B785FD} - C:\WINDOWS\msqs32.dll (file missing)
O4 - HKLM\..\Run: [ntvu.exe] C:\WINDOWS\ntvu.exe
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\javayg32.exe" /s (file missing)

Close all other open programs except Hijackthis and click the button Fix Checked in HijackThis.


Double-Click on the file Remove.bat, a small DOS type window should open and close immediately.


Run SpywareBlaster, and click "Enable All Protection" and close it.


Go to Add/Remove Programs, and remove the entry "180 Search Assistant". Does it give any error while removing?


Reboot to Normal Mode. Perform an online virus scan at Panda ActiveScan with the "Disinfection" option enabled. Save the log it gives after the scan.

Run HijackThis again, click Do a System scan and save log, and post the fresh log along with the Panda ActiveScan log.

0

Okay, somehow i lost Internet Explorer from my machine and can't find it anywhere :?: So i couldn't run the Panda Activescan and i wasn't sure if i should download a new Internet Explorer. 180 search assistent appears to be gone but Home Search Assistent is still in Add/Remove Programs.

I really appreciate all the time you've spent on helping me combat this persistant problem. thanks.

Logfile of HijackThis v1.99.1
Scan saved at 10:52:07 PM, on 8/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\AT&T\WnClient\Programs\WNConnect.exe
C:\PROGRA~1\AT&T\WnClient\Programs\WNCSMS~1.EXE
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D934B0F-C173-4683-B68F-CE3C7E158D1E}: NameServer = 204.127.129.3 12.102.244.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D934B0F-C173-4683-B68F-CE3C7E158D1E}: NameServer = 204.127.129.3 12.102.244.1
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

0

i ran CCleaner today and realized that Home Search Assistent is now gone from Add/Remove Programs. I don't have more of the side effects of it either. So it seem the problem is solved! :cheesy: The only question now is whether or not i should download a new Internet Explorer or not (i think i deleted it by accident when trying to remove Home Search Assistent earlier). Again, thanks a ton for all of your help!

0

Hi,
Log looks clean :)
You can download IE from here. It's better to have IE in your System, because you need it for Windows Update.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.