MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: problems, please help, hjt posted
March 31, 2020, 12:47:48 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
March 31, 2020, 12:47:48 PM

Login with username, password and session length
 Featured Sites:
News
New  Looking for cheap hardware and/or software?
Visit our new Online Store where you will be able to purchase from a reputable vendor by country.
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: problems, please help, hjt posted  (Read 4246 times)
Reddy
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« on: September 08, 2005, 02:09:49 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:




I am having many problems with Ads and the BSOD, I have tried adaware and Spybot with no luck please help.

Logfile of HijackThis v1.99.0
Scan saved at 9:08:47 AM, on 9/8/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\WINDOWS\System32\picsvr\picsvr.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\msnncode.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\System32\msinap.exe
C:\Program Files\ORiNOCO\Client Manager\CmLUC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\snmp.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\PeDevice\PeDev.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\sreddy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: (no name) - _{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\Aprps\cxtpls.dll
O2 - BHO: (no name) - {1D079C8A-FE38-4AF4-976F-B1D23853FE71} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {20B26F76-C660-4812-A1EA-C3E6E7BC3946} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {633E2C79-740D-429A-8833-5DA47061910B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\WINDOWS\System32\qlink32.dll
O2 - BHO: (no name) - {BD7517A5-25E3-4EF7-B89D-5D82DC08614D} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C139B39B-04C6-4E0D-9375-0126F8DC5190} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C1BC42BA-F0CE-449E-B687-BFD6740144DC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CBAAB196-EDF8-4BBA-8177-02A1649DA0E3} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: (no name) - {F4194754-E51A-44CC-BEF7-61C834F9CC01} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F499B2F2-37D9-4192-ABD2-0636A8B1AA20} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F5D7B36C-1DB4-469B-BF8B-B151FFD4915A} - C:\Program Files\CSBB\CSBB.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [CapFax] C:\Program Files\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\conmgr.exe"
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [cd1] c:\windows\system32\cd1.exe /nocomm
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [kgnfct] c:\windows\system32\lgupasg.exe r
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [s3nU3FO] msnncode.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\JUSearch\juspc.exe" -w
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [d048RPipW] msinap.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: ORiNOCO Client Manager.lnk = C:\Program Files\ORiNOCO\Client Manager\CmLUC.exe
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\Juno6\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\Juno6\qsacc\appres.dll/227
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.gitasupersite.iitk.ac.in/wfplayer/tdserver.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosunel.mht!http://daemonlinks.net/script/lc.chm::/bridge-c46.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - ms-its:mhtml:file://c:\nosunex.mht!http://daemonlinks.net/script/ys.chm::/ysb_regular.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
O20 - AppInit_DLLs: repairs.dll
O23 - Service: McAfee.com McShield - Unknown - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: System Startup Service  - Unknown - C:\WINDOWS\svcproc.exe (file missing)


Logged

 
sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #1 on: September 08, 2005, 04:22:52 PM »

Hello and Welcome

Please subscribe to this thread to get immediate notification of fixes as soon as they are posted.

You are currently running an outdated version of HiJackThis. Please click on the link below to download the latest version:Delete your current HiJackThis.exe file  
 Double-click on the file you just downloaded.
 Click on the "Unzip" button to install the newer version.
 It will by default install to the directory - C:\Program Files\HiJackThis\
I require your next HJT log to be from this newer version


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Please download these additional files/programs.  Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.

CleanUp! - Install.

KillBox v2.0.0.175

Ewido Security Suite
  • Install Ewido Security Suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update.
  • Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.



Download Lavasoft's Ad-Aware & it's recently updated plug-in - VX2 Cleaner

Install both using the default options & then update Ad-Aware with the latest definitions.
Click on Add-ons in the lefthand column & select - VX2 Cleaner V2.0
Click Run Tool >>  "OK"
If something is found, click "Clean" as in the directions given.  
Click "Close", and exit Ad-Aware.


UNPLUG YOUR COMPUTER FOM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


Please save the following instructions in Notepad. I have customed my instructions on the assumption that you have Notepad 'on'. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your question(s) before proceeding with the fixes. There should not be any open browsers when you are carrying out the procedures below.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Click Start->Run - type SERVICES.MSC & then click on the OK button
 Locate the service - System Startup Service    
 Double-click on it to open the Properties dialog.
 Stop the service by using the Stop button.
 Change the Startup type to Disabled & then click on the OK button

 Then start HiJackThis & go to Config>Misc.Tools...> Delete an NT service...
 In the popup box that appears, type in SvcProc   & then click on the OK button


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Uninstall the following programs, if present, using Control Panel->Add/Remove Programs:
    Surf SideKick
    Clear Search
    HyperLinker
    Delfin
    Auto Update
    Ebates_MoeMoneyMaker  
    CxtPls  
    CSBB

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


CLOSE ALL OTHER PROGRAMS & ALL OPEN WINDOWS

Run a scan with HiJackThis & select/tick the following & click "Fix checked" :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.juno.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: (no name) - _{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\Aprps\cxtpls.dll
O2 - BHO: (no name) - {1D079C8A-FE38-4AF4-976F-B1D23853FE71} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {20B26F76-C660-4812-A1EA-C3E6E7BC3946} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {633E2C79-740D-429A-8833-5DA47061910B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\WINDOWS\System32\qlink32.dll
O2 - BHO: (no name) - {BD7517A5-25E3-4EF7-B89D-5D82DC08614D} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C139B39B-04C6-4E0D-9375-0126F8DC5190} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C1BC42BA-F0CE-449E-B687-BFD6740144DC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CBAAB196-EDF8-4BBA-8177-02A1649DA0E3} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: (no name) - {F4194754-E51A-44CC-BEF7-61C834F9CC01} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F499B2F2-37D9-4192-ABD2-0636A8B1AA20} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F5D7B36C-1DB4-469B-BF8B-B151FFD4915A} - C:\Program Files\CSBB\CSBB.dll (file missing)
O4 - HKLM\..\Run: [cd1] c:\windows\system32\cd1.exe /nocomm
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [kgnfct] c:\windows\system32\lgupasg.exe r
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [s3nU3FO] msnncode.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [d048RPipW] msinap.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosunel.mht!http://daemonlinks.net/script/lc.chm::/bridge-c46.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - ms-its:mhtml:file://c:\nosunex.mht!http://daemonlinks.net/script/ys.chm::/ysb_regular.cab
O20 - AppInit_DLLs: repairs.dll
O23 - Service: System Startup Service - Unknown - C:\WINDOWS\svcproc.exe (file missing)  



= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Launch KillBox.exe & select the following options:
  • Replace on Reboot
  • Use Dummy
  • end Explorer shell while killing file
  • unregister dlll before deleting * if it's not grayed out
Select all the filenames below & then click on Notepad's 'Edit' menu & select Copy
    C:\WINDOWS\System32\picsvr\picsvr.exe
    C:\WINDOWS\System32\msnncode.exe
    C:\WINDOWS\System32\msinap.exe
    C:\WINDOWS\dsr.dll
    C:\WINDOWS\System32\qlink32.dll
    c:\windows\system32\cd1.exe
    C:\WINDOWS\dinst.exe
    c:\windows\system32\lgupasg.exe
    c:\nosunel.mht
    c:\nosunex.mht
    C:\WINDOWS\System32\repairs.dll
    C:\WINDOWS\svcproc.exe
         
*  Go to the File menu, and choose Paste from Clipboard
*  Click on the dropdown menu next to Full Path of File to Delete field.
*  Verify that the filenames you pasted are found there
*  Click the RED X button.
*  Click Yes at the Delete on Reboot prompt.
*  Click Yes at the 'Pending Operations prompt'.

# If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, download and run missingfilesetup.exe. Then try Killbox again.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Next, please reboot your computer in SafeMode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


If you have not done so already, please enable the viewing of Hidden files
From Windows Explorer, go to Tools>Folder Options> View tab.
  • Tick - Show hidden files and folder
  • Untick - Hide file extensions for known types
  • Untick - Hide protected operating system files
Click Yes to confirm & then click OK

Locate and delete the following folders, if present:
  • C:\Program Files\AutoUpdate\
    C:\Program Files\Ebates_MoeMoneyMaker\
    C:\WINDOWS\System32\picsvr\
    C:\Program Files\PeDevice\
    C:\Program Files\Aprps\
    C:\Program Files\CSBB\
    C:\Program Files\SurfSideKick 3\        
Locate and delete the following files:
  • C:\WINDOWS\System32\repairs.dll

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider to Standard CleanUp!
3. Uncheck the following:
  • Delete Newsgroup cache
  • Delete Newsgroup Subscriptions
  • Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.
* CleanUp! will not create any backups!!


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Launch Ad-Aware & click on the Start button
Select "Perform smart system scan" and click Next.  
Once the scan finishes, click "Next" again. Select all objects found (right click anywhere in the list of found objects and click "Select All Objects").  Click "Next" one more time, then "OK" to confirm the removal.

You will be prompted to set Ad-Aware to run on reboot, click "OK".  


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run Ewido with it's updated definitions:(...it's important that all windows must be closed)
  • Click Scanner
  • Click Complete System Scan to begin scanning.
  • Click OK when prompted to clean files
With the first file it prompts to clean, select the option:
  • "Perform action on all infections"
  • Choose clean and click OK.
Once finished, click the Save report button & save the report to your desktop

** Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


REBOOT TO NORMAL MODE


Perform an online scan with Internet Explorer with  Panda ActiveScan
  1. Click [Scan your PC] & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Click [Scan Now]
  3. Enter your e-mail address & click [Scan Now] ...begins downloading 8 MB Panda's ActiveX controls  
  4. Begin the scan by selecting My Computer
    • If it finds any malware, it will offer you a report.
    • Click on see report. Then click Save report
Post the contents of the report in your next reply

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan



= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Download Trend Micro
Logged

 
Reddy
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #2 on: September 13, 2005, 07:40:20 PM »

Logfile of HijackThis v1.99.1
Scan saved at 2:18:24 PM, on 9/13/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\rdso\eetu.exe
C:\WINDOWS\System32\r?ndll32.exe
C:\Program Files\ORiNOCO\Client Manager\CmLUC.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\c3JlZGR5\command.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\snmp.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
O2 - BHO: SDWin32 Class - {4FCAC220-66DE-44FE-8F73-7DA79EE64EAF} - C:\WINDOWS\System32\ilwuu.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [CapFax] C:\Program Files\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\conmgr.exe"
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ysbinstall_1] C:\WINDOWS\System32\ysbinstall_1
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\JUSearch\juspc.exe" -w
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aida] C:\Program Files\rdso\eetu.exe
O4 - HKCU\..\Run: [Kmf] C:\WINDOWS\System32\r?ndll32.exe
O4 - Global Startup: ORiNOCO Client Manager.lnk = C:\Program Files\ORiNOCO\Client Manager\CmLUC.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\Juno6\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\Juno6\qsacc\appres.dll/227
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.gitasupersite.iitk.ac.in/wfplayer/tdserver.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
O20 - Winlogon Notify: H323TSP - C:\WINDOWS\system32\SLLWOA.DLL
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\c3JlZGR5\command.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

Logged

 
Reddy
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #3 on: September 13, 2005, 07:42:31 PM »


---------------------------------------------------------
 ewido security suite - Scan report
---------------------------------------------------------

 + Created on:         11:00:30 AM, 9/13/2005
 + Report-Checksum:      593BEA16

 + Scan result:

   HKLM\SOFTWARE\Classes\CLSID\{B5AB638F-D76C-415B-A8F2-F3CEAC502212} -> Spyware.AproposMedia : Cleaned with backup
   HKLM\SOFTWARE\Classes\CLSID\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
   HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Spyware.Delfin : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinDH -> Spyware.DealHelper : Cleaned with backup
   HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Cleaned with backup
   HKLM\SOFTWARE\Pinfo -> Dialer.Generic : Cleaned with backup
   HKLM\SOFTWARE\Pinfo\Dialers -> Dialer.Generic : Cleaned with backup
   HKLM\SOFTWARE\SecureWin -> Spyware.Adlogix : Cleaned with backup
   HKLM\SOFTWARE\skin -> Spyware.Delfin : Cleaned with backup
   HKLM\SOFTWARE\SurfSideKick2 -> Spyware.SurfSide : Cleaned with backup
   HKLM\SOFTWARE\SurfSideKick2\Internet Explorer -> Spyware.SurfSide : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Bundles -> Spyware.SecondThought : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Mvu -> Spyware.Delfin : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Pinfo -> Dialer.Generic : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Pinfo\Dialers -> Dialer.Generic : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Pinfo\Dialers\HotBlondes -> Dialer.Generic : Cleaned with backup
   HKU\S-1-5-21-2941628662-881602179-1917617078-1006\Software\Pinfo\Dialers\Lisa -> Dialer.Generic : Cleaned with backup
   [200] C:\WINDOWS\system32\SLLWOA.DLL -> Spyware.Look2Me : Error during cleaning
   [1136] C:\WINDOWS\system32\DQDXOF.DLL -> Spyware.Look2Me : Error during cleaning
   C:\!Submit\dinst.exe -> TrojanDownloader.Intexp.d : Cleaned with backup
   C:\!Submit\repairs.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\Documents and Settings\All Users\Application Data\wsxs\patchme.exe -> Spyware.Delfin : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\1001 s*x and more.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\3D Studio Max 6 3dsmax.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\ACDSee 10.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Adobe Photoshop 10 crack.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Adobe Photoshop 10 full.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Adobe Premiere 10.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Ahead Nero 8.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Altkins Diet.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\American Idol.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Arnold Schwarzenegger.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Best Matrix Screensaver new.scr -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney s*x xxx.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears and Eminem p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears blowjob.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears cumshot.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears ****.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears full album.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears s*xy archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears Song text archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Britney Spears.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Clone DVD 6.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Cloning.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Cracks & Warez Archiv.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Dark Angels new.pif -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Dictionary English 2004 - France.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\DivX 8.0 final.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Doom 3 release 2.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\E-Book Archive2.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem blowjob.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem full album.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem Poster.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem s*x xxx.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem s*xy archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem Song text archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem Spears p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Eminem.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Full album all.mp3.pif -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Gimp 1.8 Full with Key.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter 1-6 book.txt.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter 5.mpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter all e.book.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter e book.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter game.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Harry Potter.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\How to hack new.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Internet Explorer 9 setup.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Kazaa Lite 4.0 new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Kazaa new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Keygen 4 all new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Learn Programming 2004.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Lightwave 9 Update.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Magix Video Deluxe 5 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Matrix.mpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Microsoft Office 2003 Crack best.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Microsoft WinXP Crack full.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\MS Service Pack 6.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\netsky source code.scr -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Norton Antivirus 2005 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Opera 11.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Partitionsmagic 10 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\p*rno Screensaver britney.scr -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\RFC compilation.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Ringtones.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Ringtones.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Saddam Hussein.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Screensaver2.scr -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Serials edition.txt.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Smashing the stack full.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Star Office 9.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Teen p*rn 15.jpg.pif -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\The Sims 4 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Ulead Keygen 2004.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Visual Studio Net Crack all.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Win Longhorn re.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\WinAmp 13 full.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Windows 2000 Sourcecode.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Windows 2003 crack.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\Windows XP crack.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\WinXP eBook newest.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Documents\AOL Downloads\XXX hardcore pics.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ntdt.exe -> Trojan.Pakes : Cleaned with backup
   C:\dsQwCXZv.exe -> TrojanDownloader.Agent.fw : Cleaned with backup
   C:\lf_6A0.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_6C8.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_73C.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_740.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_770.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_780.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\lf_798.tmp -> TrojanDownloader.Dluca : Cleaned with backup
   C:\Program Files\Common Files\Uninstall Information\RemoveDisplayUtility.exe -> Spyware.Delfin : Cleaned with backup
   C:\Program Files\EarthLink 5.0\santhoshreddy@earthlink.net\Cookies\sreddy@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
   C:\Program Files\EarthLink 5.0\santhoshreddy@earthlink.net\Cookies\sreddy@track-star[1].txt -> Spyware.Cookie.Track-star : Cleaned with backup
   C:\Program Files\HijackThis\backups\backup-20050912-201753-107.dll -> Spyware.QLF : Cleaned with backup
   C:\Program Files\HijackThis\backups\backup-20050912-201753-682.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\Program Files\HijackThis\backups\backup-20050912-201754-628.dll -> TrojanDownloader.IstBar : Cleaned with backup
   C:\Program Files\HijackThis\backups\backup-20050912-201754-698.dll -> Spyware.WinAD : Cleaned with backup
   C:\Program Files\Windows Media Player\wmplayer.exe.tmp -> Spyware.Pacer : Cleaned with backup
   C:\Q8276112.exe -> TrojanDownloader.Agent.fw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP22\A0012634.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP22\A0013605.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP23\A0013618.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP23\A0013620.dll -> TrojanDownloader.Apropo.ad : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013634.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013636.exe -> TrojanDownloader.Apropo.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013637.exe -> TrojanDownloader.Agent.ed : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013642.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013667.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013672.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013684.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013691.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013715.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP24\A0013718.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013727.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013733.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013737.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013741.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013743.dll -> TrojanDownloader.Apropo.ad : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013754.exe -> TrojanDownloader.Apropo.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013755.exe -> TrojanDownloader.Agent.ed : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013760.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013773.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013778.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP26\A0013798.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013804.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013810.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013818.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013820.dll -> TrojanDownloader.Apropo.ah : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013832.exe -> TrojanDownloader.Apropo.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013833.exe -> TrojanDownloader.Agent.ed : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013838.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013839.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013851.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013860.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013867.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP27\A0013869.dll -> TrojanDownloader.Apropo.ah : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013893.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013900.exe -> TrojanDownloader.Apropo.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013901.exe -> TrojanDownloader.Agent.ed : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013906.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013907.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP28\A0013917.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP29\A0013920.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP29\A0013926.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP30\A0013938.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP30\A0014926.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP30\A0014945.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP31\A0015009.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP31\A0015021.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP31\A0015033.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP31\A0015040.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015055.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015059.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015064.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015076.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015081.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015091.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015094.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015098.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015107.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015111.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015121.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015127.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015138.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015141.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015148.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015152.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015158.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015211.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015216.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015222.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015227.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015240.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015245.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP32\A0015269.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP33\A0015271.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015275.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015279.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015281.exe -> Spyware.WebRebates : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015297.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015298.exe -> Spyware.WebRebates : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015299.exe -> Spyware.WebRebates : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP34\A0015311.exe -> Trojan.Imiserv.c : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0015435.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0015438.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0015622.exe -> TrojanDownloader.OneClickSearch.k : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0015633.dll -> TrojanDownloader.Dyfuca.cn : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0015635.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP38\A0016650.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP38\A0016693.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP38\A0016695.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP38\A0016704.exe -> Trojan.Imiserv.c : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP38\A0016726.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0016802.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017794.exe -> TrojanDropper.Small.qn : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017803.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017808.exe -> Spyware.Pacer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017811.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017812.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017813.ocx -> Spyware.Delfin : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017814.dll -> Spyware.Delfin : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017815.exe -> Spyware.Delfin : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017818.exe -> TrojanDownloader.Delmed.b : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP40\A0017823.exe -> Spyware.Pacer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0017829.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018794.exe -> Spyware.ISearch : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018795.exe -> TrojanDropper.Agent.lu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018796.exe -> TrojanDownloader.Agent.hw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018798.exe -> TrojanDownloader.Delmed.a : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018800.exe -> TrojanDownloader.Qoologic.ad : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018802.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018808.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018809.exe -> Spyware.Adstart : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018810.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018811.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018812.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018814.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018819.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018820.exe -> Spyware.180Solutions : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018828.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018829.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018830.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018833.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018834.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018835.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018836.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0018839.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019824.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019829.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019833.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019835.dll -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019840.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019841.exe -> Spyware.Delfin : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019842.exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019843.exe -> TrojanDownloader.Agent.ro : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019845.dll -> Spyware.SideFind : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019846.dll -> Spyware.SideFind : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019847.exe -> TrojanDownloader.IstBar.jm : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019848.dll -> Spyware.YourSiteBar : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019849.exe -> TrojanDownloader.IstBar.gi : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019850.exe -> Spyware.Adstart : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019851.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019852.exe -> TrojanDownloader.IstBar : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019853.exe -> Spyware.WinAD : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019859.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019863.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019865.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019875.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019877.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0019879.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020873.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020877.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020881.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020894.exe -> Trojan.Stervis.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020895.dll -> Trojan.Agent.ic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020896.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020904.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020905.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020909.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020910.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP41\A0020926.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020928.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020944.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020948.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020950.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020955.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020956.exe -> Trojan.Stervis.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020957.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020959.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020974.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020978.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP42\A0020980.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0020981.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0020984.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0020989.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021006.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021008.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021009.dll -> Trojan.Agent.ic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021010.exe -> Trojan.Stervis.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021011.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021013.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021028.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021032.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP43\A0021034.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021035.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021038.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021043.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021060.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021062.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021063.dll -> Trojan.Agent.ic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021064.exe -> Trojan.Stervis.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021065.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021067.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021082.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021084.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021087.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021089.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021139.exe -> Spyware.SurfAccuracy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021140.exe -> Spyware.SurfAccuracy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021143.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021144.exe -> Adware.BetterInternet : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021145.exe -> Trojan.Stervis.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021146.dll -> Trojan.Agent.ic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021147.dll -> Spyware.SurfSide : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021148.dll -> Spyware.SurfSide : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021149.exe -> Spyware.SurfSide : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021153.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021156.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021158.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021164.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021165.dll -> Spyware.QLF : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021168.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021170.exe -> TrojanDownloader.Intexp.d : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021175.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021178.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021180.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021186.exe -> Trojan.Pakes : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021188.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021203.exe -> Spyware.180Solutions : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021208.exe -> TrojanDownloader.Apropo.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021388.exe -> TrojanDownloader.Agent.ro : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021389.exe -> Spyware.DelphinMediaViewer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021390.exe -> Spyware.Apropos : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021391.exe -> Spyware.PurityScan : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP44\A0021394.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\WINDOWS\bundles\adl_dh.exe -> Spyware.DealHelper : Cleaned with backup
   C:\WINDOWS\bundles\adl_mteststub.exe -> Adware.eZula : Cleaned with backup
   C:\WINDOWS\bundles\HelperInstaller.exe -> TrojanDropper.Delf.z : Cleaned with backup
   C:\WINDOWS\bundles\rop_marketing_1_168.exe -> TrojanDropper.Small.kz : Cleaned with backup
   C:\WINDOWS\bundles\runsearch.exe -> Spyware.MegaSearch.d : Cleaned with backup
   C:\WINDOWS\bundles\saie1101.exe -> TrojanDropper.Small.mr : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\1001 s*x and more.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\3D Studio Max 6 3dsmax.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\ACDSee 10.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Ahead Nero 8.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Altkins Diet.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\American Idol.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Arnold Schwarzenegger.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Best Matrix Screensaver new.scr -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney s*x xxx.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears and Eminem p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears blowjob.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears cumshot.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears ****.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears full album.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears s*xy archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears Song text archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Britney Spears.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Clone DVD 6.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Cloning.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Cracks & Warez Archiv.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Dark Angels new.pif -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Dictionary English 2004 - France.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\DivX 8.0 final.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Doom 3 release 2.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\E-Book Archive2.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem blowjob.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem full album.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem Poster.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem s*x xxx.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem s*xy archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem Song text archive.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem Spears p*rn.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Eminem.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\exe -> TrojanDownloader.Agent.fw : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Full album all.mp3.pif -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Gimp 1.8 Full with Key.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter 1-6 book.txt.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter 5.mpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter all e.book.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter e book.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter game.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Harry Potter.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\How to hack new.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Internet Explorer 9 setup.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Kazaa Lite 4.0 new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Kazaa new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Keygen 4 all new.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Learn Programming 2004.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Lightwave 9 Update.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Magix Video Deluxe 5 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Matrix.mpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Microsoft Office 2003 Crack best.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Microsoft WinXP Crack full.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\MS Service Pack 6.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\netsky source code.scr -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Norton Antivirus 2005 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Opera 11.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Partitionsmagic 10 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\p*rno Screensaver britney.scr -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\RFC compilation.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Ringtones.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Ringtones.mp3.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Saddam Hussein.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Screensaver2.scr -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Serials edition.txt.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Smashing the stack full.rtf.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Star Office 9.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Teen p*rn 15.jpg.pif -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\The Sims 4 beta.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Ulead Keygen 2004.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Visual Studio Net Crack all.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Win Longhorn re.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\WinAmp 13 full.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Windows 2000 Sourcecode.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Windows 2003 crack.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\Windows XP crack.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\WinXP eBook newest.doc.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\XXX hardcore pics.jpg.exe -> Worm.NetSky.q : Cleaned with backup
   C:\WINDOWS\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
   C:\WINDOWS\SYSTEM32\acywex.exe -> Trojan.Agent.ay : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ASEBKEN.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ATTMFNET.dll -> TrojanDownloader.Small.rn : Cleaned with backup
   C:\WINDOWS\SYSTEM32\audzfcmt.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\AUNPS2.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\WINDOWS\SYSTEM32\aunuag.exe -> Trojan.Pakes : Cleaned with backup
   C:\WINDOWS\SYSTEM32\AUUTOD.dll -> TrojanDownloader.Small.rn : Cleaned with backup
   C:\WINDOWS\SYSTEM32\Cache\cxtpls_loader.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\WINDOWS\SYSTEM32\CTREATME.exe -> Trojan.Agent.x : Cleaned with backup
   C:\WINDOWS\SYSTEM32\datadx.dll -> TrojanDownloader.Qoologic.ad : Cleaned with backup
   C:\WINDOWS\SYSTEM32\digglf.exe -> Spyware.Adstart : Cleaned with backup
   C:\WINDOWS\SYSTEM32\doolsav.dat -> Spyware.EliteBar : Cleaned with backup
   C:\WINDOWS\SYSTEM32\dun.exe -> Spyware.DealHelper : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ECENTLOG.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\WINDOWS\SYSTEM32\evwudaha.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\EWSVC.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\WINDOWS\SYSTEM32\fysldijb.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\gbaeqvlx.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\guard.tmp -> Spyware.Look2Me : Cleaned with backup
   C:\WINDOWS\SYSTEM32\HookPopup.dll -> Spyware.DealHelper : Cleaned with backup
   C:\WINDOWS\SYSTEM32\htvrefmq.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\hvashjsu.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ilwuud.exe -> Spyware.Adstart : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ilwuuf.exe -> Spyware.Adstart : Cleaned with backup
   C:\WINDOWS\SYSTEM32\iokoixo.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ldhswqvg.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\lgxdsrtq.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\MIIMTF.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\WINDOWS\SYSTEM32\Mqsctx.exe -> Spyware.DealHelper : Cleaned with backup
   C:\WINDOWS\SYSTEM32\mvqpsqjm.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\nkczmdmh.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\novihwak.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\nsvsvc\nsv.ocx -> Spyware.Delfin : Cleaned with backup
   C:\WINDOWS\SYSTEM32\nsvsvc\nsvs.dll -> Spyware.Delfin : Cleaned with backup
   C:\WINDOWS\SYSTEM32\nunffsro.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\OLDB5.tmp -> TrojanDownloader.Agent.fw : Cleaned with backup
   C:\WINDOWS\SYSTEM32\pdbgkytk.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\PRXYTKCEUI.exe -> Trojan.Agent.x : Cleaned with backup
   C:\WINDOWS\SYSTEM32\pvqvp.dat -> Trojan.Pakes : Cleaned with backup
   C:\WINDOWS\SYSTEM32\qkyiddxt.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\qvuixjro.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\rmerucvd.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\rtopbabi.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\schgskgh.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\SNTRX.exe -> Trojan.Agent.x : Cleaned with backup
   C:\WINDOWS\SYSTEM32\sukzmrsd.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\svdjwmad.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\thitsjnk.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\tksrv98.exe -> TrojanDownloader.Esepor.Q : Cleaned with backup
   C:\WINDOWS\SYSTEM32\TRADIDUI.dll -> TrojanDownloader.Small.rn : Cleaned with backup
   C:\WINDOWS\SYSTEM32\Uninstaller.exe -> Spyware.DealHelper : Cleaned with backup
   C:\WINDOWS\SYSTEM32\wintask.exe -> TrojanDownloader.Small.abd : Cleaned with backup
   C:\WINDOWS\SYSTEM32\WM2HELP.DLL -> Spyware.Look2Me : Cleaned with backup
   C:\WINDOWS\SYSTEM32\wrzjavrk.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\xghbo.dll -> Spyware.Adstart : Cleaned with backup
   C:\WINDOWS\SYSTEM32\xghbof.exe -> Spyware.Adstart : Cleaned with backup
   C:\WINDOWS\SYSTEM32\xplugin.dll -> TrojanDownloader.Esepor.w : Cleaned with backup
   C:\WINDOWS\SYSTEM32\zkcwderi.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\SYSTEM32\zqlatlpa.exe -> TrojanDownloader.Dluca : Cleaned with backup
   C:\WINDOWS\telnet.exe -> TrojanDownloader.Agent.fw : Cleaned with backup


::Report End
Logged

 
Reddy
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 6


Bookmark and Share

View Profile
« Reply #4 on: September 13, 2005, 07:45:57 PM »


Incident                      Status                        Location                                                                                                                                                                                                                                                        

Adware:Adware/PurityScan      No disinfected                C:\Program Files\rdso\eetu.exe                                                                                                                                                                                                                                  
Adware:adware/ezula           No disinfected                C:\WINDOWS\SYSTEM32\ezPopStub.exe                                                                                                                                                                                                                              
Adware:adware/superspider     No disinfected                C:\WINDOWS\SYSTEM32\services                                                                                                                                                                                                                                    
Adware:adware/portalscan      No disinfected                C:\WINDOWS\SYSTEM32\winupdt.bin                                                                                                                                                                                                                                
Spyware:spyware/surfsidekick  No disinfected                C:\DOCUMENTS AND SETTINGS\SREDDY\APPLICATION DATA\Sskcwrd.dll                                                                                                                                                                                                  
Spyware:spyware/betterinet    No disinfected                C:\WINDOWS\INF\biini.inf                                                                                                                                                                                                                                        
Adware:adware/enhsrch         No disinfected                C:\WINDOWS\dinst.exe                                                                                                                                                                                                                                            
Adware:adware/sidesearch      No disinfected                C:\PROGRAM FILES\Lycos                                                                                                                                                                                                                                          
Adware:adware/myway           No disinfected                C:\PROGRAM FILES\MySearch                                                                                                                                                                                                                                      
Spyware:spyware/search3       No disinfected                C:\PROGRAM FILES\SEARCH3 TOOLBAR                                                                                                                                                                                                                                
Adware:adware/dealhelper      No disinfected                C:\WINDOWS\SYSTEM32\Newmsrdk                                                                                                                                                                                                                                    
Adware:adware/delfinmedia     No disinfected                C:\WINDOWS\SYSTEM32\nsvsvc                                                                                                                                                                                                                                      
Adware:adware/tvmedia         No disinfected                C:\WINDOWS\bundles                                                                                                                                                                                                                                              
Adware:adware/elitebar        No disinfected                C:\WINDOWS\EliteSideBar                                                                                                                                                                                                                                        
Spyware:spyware/dyfuca        No disinfected                C:\WINDOWS\STWSI                                                                                                                                                                                                                                                
Adware:adware/savenow         No disinfected                C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\nsv                                                                                                                                                                                                        
Adware:adware/powerscan       No disinfected                Windows Registry                                                                                                                                                                                                                                                
Spyware:Spyware/Dluca         No disinfected                C:\lf_524.tmp                                                                                                                                                                                                     Activescan
                                             
Spyware:Spyware/Dluca         No disinfected                C:\lf_698.tmp                                                                                                                                                                                                                                                  
Spyware:Spyware/Dluca         No disinfected                C:\lf_A2C.tmp                                                                                                                                                                                                                                                  
Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page August 21, 2018, 11:58:54 PM