Hijack!!(Adwre.InternetOptimizr.SysPr otect.Ezula.Adlogix.Generic)and on! (RESOLVED)

**Lloyd** · 06-05-2006

Hello again,
Thank you again for helping me with my computer. But now im at my sisters computer after I told her how you helped me at my girls house, and oh boy!!!! Her's is MESSED UP!! I couldnt even get on the internet to get here without first going into safe mode and running a couple of hackthis sessions 5 to be exact, I also ran 1 kasperspy and 1 ewido. but i will list those in new post after i tell you what i did first. . And even typing this to you is still very hard because there are constant pop-ups that are hard to close down like this url right here ___http://www.ad-w-a-r-e.com/cgi-bin/PopupV2A?type=masked&region=homes/newhouseregion.rgn&flash=homes/newHouse.swf&keyword=homes___.I ran in safe mode hackthis once to see if there was anything immediately recognizable to me that i could delete. and saved 4 log files, the first one is before any changes the 2nd log is just to see what actually deleted on the 1st fix. then i saw that some that i recognized didn't delete so i checked them off again and tried to delete them and saved another log file being the 3rd. Then i tried running the smitfraud or smitrem and the atf cleaner then i ran a hijackthis to see if anything had dissapeared and saved another being the 4th, to get them, off all while in safe mode.. Now I go out of safe mode and I run ewido and tried to delete them and saved a log file of that. After which I run the kaspersky online and save that log file and a new hijackthis being the 5th hijack log so that now I can update you on whats on the computer right now, but 1st im going to post the very 1st hijackthis log to show you what i came into on this computer then i will post the rest of the log files in their chronological order so that you may best help me and everyone is able to understand what all these logs are, but here it goes the 1st hijack this:

Logfile of HijackThis v1.99.1
Scan saved at 11:12:40 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\nccqf.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,xwiuqkw. exe
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O2 - BHO: RieMon Class - {70F6A776-579A-4C95-BA88-134253907752} - C:\WINDOWS\system32\irsmpqen.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB57.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys0260036125-4] C:\WINDOWS\sys0260036125-4.exe
O4 - HKLM\..\Run: [w00d223e.dll] RUNDLL32.EXE w00d223e.dll,I2 000a3e2d000d223e
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\rwinkqaf.exe FI002
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [Aqamq] C:\Program Files\Plodhv\Dlhkurz.exe
O4 - HKLM\..\Run: [pntgmc] C:\WINDOWS\system32\pntgmc.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [dugjvc] C:\WINDOWS\system32\dugjvc.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [irssyncd] C:\WINDOWS\system32\irssyncd.exe
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\rwinkqaf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.traffic-advance.net/1054722.exe
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seek...d63afe00899bbe
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/...l/gtdownde.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://deposito.hostance.net/dialer/3953-23.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{39EA928E-1E5F-425B-BC55-456303C67DB7}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{846C01AB-6A40-4A5E-A2BE-B10CA2D03381}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS1\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS2\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O17 - HKLM\System\CS3\Services\Tcpip\..\{083C83DF-C207-41C0-A7D9-83983AE0F785}: NameServer = 85.255.116.38,85.255.112.95
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

Thank you again for taking the time to review my problems. I appriciate very much what this site is about and what it does for us less fortunate in knowledge. And im positive my sister will be very appriciative when she 's all done with getting these viruses off her computer!
Once again thank you very much, I will now post the rest of the log files in chronological order and then tell you the last two which are the hackthis and kaspersky that are the most recent and ask you what i should do from there. Thank you....!!!

**Lloyd** · 06-05-2006

Ok here goes Hackthis logfile 2 the clean after the first fix:

Logfile of HijackThis v1.99.1
Scan saved at 11:23:42 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\nccqf.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,xwiuqkw. exe
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys0260036125-4] C:\WINDOWS\sys0260036125-4.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

and the next after i noticed that it didn't delete a few things. :

Logfile of HijackThis v1.99.1
Scan saved at 11:28:29 AM, on 5/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Administrator\Desktop\new hack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\jkhhf.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.ex e
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard17.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad17.exe
O4 - HKLM\..\Run: [newname] C:\\newname17.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O9 - Extra button: Verizon Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...ad/tgctlcm.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper Class) - file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ThereInstallHel per.2.0.2106.0.dll
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Program Files\System Files\plugin.dll
O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\enn8l15u1.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Q2Vl\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

**Lloyd** · 06-05-2006

Then I ran the other programs like atf cleaner and smitfraud and smitrem and then i ran the ewido progam and saved a log file so here it goes:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:42:27 PM, 5/6/2006
+ Report-Checksum: 9E13A9EC

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Adware.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CLSID -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider\CurVer -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\BHO.Hider.1 -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CLSID -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog\CurVer -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\Bho8.adlog.1 -> Adware.Adlogix : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{C5AF2622-8C75-4dfb-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Netstat -> Adware.Ezula : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\DyFuCA -> Adware.MoneyTree : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Kapabout -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Rotue -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKLM\SOFTWARE\SysProtect -> Adware.SysProtect : Cleaned without backup
HKLM\SOFTWARE\webhancer -> Adware.WebHancer : Cleaned without backup
HKLM\SOFTWARE\webhancer\CC -> Adware.WebHancer : Cleaned without backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Ext\Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{55BE9F0D-6CAF-4C3E-B125-5A13A8C9D0EC} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Poli cies\AMeOpt -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned without backup
HKU\S-1-5-21-1214440339-413027322-1801674531-500\Software\SysProtect -> Adware.SysProtect : Cleaned without backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned without backup
[1588] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[1184] VM_003E0000 -> Downloader.Agent.uj : Error during cleaning
[1348] VM_00A70000 -> Downloader.Agent.uj : Error during cleaning
[1392] VM_00B70000 -> Downloader.Agent.uj : Error during cleaning
[1144] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[992] VM_00BF0000 -> Downloader.Agent.uj : Error during cleaning
[2080] VM_009A0000 -> Downloader.Agent.uj : Error during cleaning
[2152] VM_003A0000 -> Downloader.Agent.uj : Error during cleaning
[2172] VM_01190000 -> Downloader.Agent.uj : Error during cleaning
[2208] C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
[2256] VM_00330000 -> Downloader.Agent.uj : Error during cleaning
[2372] C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
[2440] C:\Program Files\Internet Optimizer\optimize.exe -> Downloader.Dyfuca.ei : Cleaned without backup
[2484] C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
[2520] C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
[3004] VM_00A50000 -> Downloader.Agent.uj : Error during cleaning
[3080] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
[3368] VM_009B0000 -> Downloader.Agent.uj : Error during cleaning
C:\ac2_0003.exe -> Downloader.Small.cpu : Cleaned without backup
C:\dist13.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\Cache\ 71F545FEd01 -> Trojan.Fakealert : Cleaned without backup
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexcounter : Cleaned without backup
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Atdmt : Cleaned without backup
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.61:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.64:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.66:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.68:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Reliablestats : Cleaned without backup
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Paycounter : Cleaned without backup
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Sexlist : Cleaned without backup
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Cpvfeed : Cleaned without backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.151:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.152:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Hitbox : Cleaned without backup
:mozilla.153:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.155:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.161:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Questionmarket : Cleaned without backup
:mozilla.162:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Bluestreak : Cleaned without backup
:mozilla.168:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.169:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Adserver : Cleaned without backup
:mozilla.175:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.176:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.184:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Mediaplex : Cleaned without backup
:mozilla.189:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.190:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.191:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.192:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.193:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Ru4 : Cleaned without backup
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.199:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Valueclick : Cleaned without backup
:mozilla.200:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.201:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.206:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.207:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.208:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.209:C:\Documents and Settings\Administrator\Application Data\Netscape\NSB\Profiles\ad3o19s5.default\cookie s.txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@adver tising[1].txt -> TrackingCookie.Advertising : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@cpvfe ed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@doubl eclick[1].txt -> TrackingCookie.Doubleclick : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@stats 1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned without backup
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[1].txt -> TrackingCookie.Zedo : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-305.dll -> Adware.SafeSurfing : Cleaned without backup
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112032-695.dll -> Adware.Mirar : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CT9F2V8J\WinFixer2006FreeInstall[1].cab/UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PX72U6MM\installerwnus[1].exe -> Downloader.Qoologic.at : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned without backup
C:\Documents and Settings\LocalService\Cookies\system@server.iad.li veperson[2].txt -> TrackingCookie.Liveperson : Cleaned without backup
C:\drsmartload1.exe -> Downloader.VB.aad : Cleaned without backup
C:\drsmartload45a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\drsmartload46a.exe -> Downloader.Adload.aw : Cleaned without backup
C:\ForeThought.exe -> Adware.MDH : Cleaned without backup
C:\Installer.exe -> Adware.Look2Me : Cleaned without backup
C:\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\LottoFun.exe -> Dropper.Agent.hl : Cleaned without backup
C:\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\NNSCAA638.EXE -> Adware.NewDotNet : Cleaned without backup
C:\Program Files\Cas2Stub\cas2stub.exe -> Downloader.Agent.aaf : Cleaned without backup
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\optimize.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Internet Optimizer\update\rogue.exe -> Adware.InternetOptimizer : Cleaned without backup
C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned without backup
C:\Program Files\outlook\outlook.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Cleaned without backup
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : Cleaned without backup
C:\Program Files\Plodhv\Dlhkurz.exe -> Trojan.Small.cy : Cleaned without backup
C:\Program Files\System Files\plugin.dll -> Adware.CASClient : Cleaned without backup
C:\Program Files\System Files\System.exe -> Adware.CASClient : Cleaned without backup
C:\Program Files\Windows Plus\auxe.exe -> Downloader.Small.ajc : Cleaned without backup
C:\Program Files\Windows Plus\hove.dll -> Downloader.Small.ctp : Cleaned without backup
C:\Program Files\winupdates\a.tmp -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned without backup
C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned without backup
C:\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP24\A0006018.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP28\A0007279.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP37\A0012161.exe -> Trojan.Fakealert : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP38\A0012513.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP42\A0014945.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0015973.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP53\A0024969.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0029238.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031217.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031241.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031242.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031243.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031244.exe -> Adware.ZenoSearch : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP57\A0031247.exe -> Trojan.LowZones.am : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031295.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031326.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031327.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0031328.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033786.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033787.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033788.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033834.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033835.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033836.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033908.exe -> Adware.Trymedia : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0039870.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP61\A0040936.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042035.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042036.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP67\A0042037.exe -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042296.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042297.exe -> Downloader.VB.tw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042298.exe -> Adware.Enbrow : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042299.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042300.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042311.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042333.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042336.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042337.dll -> Adware.SideFind : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042338.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042348.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042393.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042404.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042410.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042426.dll -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042427.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042445.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043436.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044455.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045470.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046461.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046475.exe -> Hijacker.VB.ij : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046476.exe -> Downloader.VB.nw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046477.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047455.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047460.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048462.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048478.dll -> Downloader.Small.ctp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048479.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048480.exe -> Downloader.Small.ajc : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049468.exe -> Adware.Adstart : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049471.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050459.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051464.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051465.exe -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051477.exe -> Adware.Winfixer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051485.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051486.dll -> Adware.Softomate : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051489.exe -> Adware.Surfside : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051491.exe -> Downloader.TSUpdate.n : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051492.exe -> Downloader.TSUpdate.p : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051493.exe -> Downloader.TSUpdate.l : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051494.exe -> Downloader.TSUpdate.f : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051495.dll -> Adware.TargetServer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051502.dll -> Downloader.Dyfuca.dt : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051504.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051505.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051506.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051511.dll -> Adware.NewDotNet : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051512.dll -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051513.exe -> Adware.WebHancer : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051514.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051518.dll -> Downloader.Dyfuca : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051519.dll -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051520.exe -> Adware.PurityScan : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051521.exe -> Downloader.PurityScan.be : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051552.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051554.exe -> Worm.VB.an : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051557.dll -> Downloader.Agent.agw : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051558.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051559.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051560.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051561.dll -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051563.exe -> Downloader.Qoologic.bj : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051564.exe -> Trojan.Qoologic : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051565.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051579.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051585.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051590.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051606.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051608.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051613.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051650.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051657.dll -> Adware.SafeSurfing : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051659.dll -> Adware.Mirar : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051663.dll -> Adware.Look2Me : Cleaned without backup
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051669.dll -> Adware.Look2Me : Cleaned without backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WHCC2.exe/whAgent.exe -> Adware.WebHancer : Cleaned without backup
C:\WINDOWS\876057.exe -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\ac2_0002.exe -> Downloader.Small.cpu : Cleaned without backup
C:\WINDOWS\DH.dll -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\DH.dll_ -> Hijacker.Small.jf : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\1054722.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Adware.180Solutions : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.11\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.12\USYP_0001_N76M2004NetInstaller.e xe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.13\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.14\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.15\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.16\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.17\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.18\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.19\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\3953-23.exe -> Heuristic.Win32.Dialer : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX6_0001_N69M1503NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.20\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.21\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.22\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.23\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.24\USYP_0001_N69M1703NetInstaller.e xe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N69M1703NetInstaller.ex e -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\USYP_0001_N76M2004NetInstaller.ex e -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\elite.ocx -> Adware.MediaMotor : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N69M1703NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M2004NetInstaller.exe -> Downloader.Small : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned without backup
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N69M1503NetInstaller.exe -> Trojan.Fakealert : Cleaned without backup
C:\WINDOWS\elitemediapop.exe -> Trojan.LowZones.am : Cleaned without backup
C:\WINDOWS\eliteunstall.exe -> Adware.EliteMedia : Cleaned without backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\installerwnus.exe -> Downloader.Qoologic.at : Cleaned without backup
C:\WINDOWS\keyboard15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\keyboard16.exe -> Downloader.VB.zg : Cleaned without backup
C:\WINDOWS\keyboard17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\mousepad15.exe -> Hijacker.VB.mo : Cleaned without backup
C:\WINDOWS\mousepad16.exe -> Trojan.VB.ali : Cleaned without backup
C:\WINDOWS\mousepad17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned without backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned without backup
C:\WINDOWS\newname15.exe -> Downloader.Adload.ay : Cleaned without backup
C:\WINDOWS\newname16.exe -> Downloader.VB.vr : Cleaned without backup
C:\WINDOWS\newname17.exe -> Downloader.VB.aci : Cleaned without backup
C:\WINDOWS\pf79.exe -> Downloader.Dyfuca.ei : Cleaned without backup
C:\WINDOWS\Q2Vl\asappsrv.dll -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\Q2Vl\command.exe -> Adware.CommAd : Cleaned without backup
C:\WINDOWS\qoojfey.exe -> Hijacker.VB.ij : Cleaned without backup
C:\WINDOWS\SS1001.exe -> Dropper.Small.qn : Cleaned without backup
C:\WINDOWS\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned without backup
C:\WINDOWS\sys0260036125-4.exe -> Adware.Enbrow : Cleaned without backup
C:\WINDOWS\SYSC00.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\system32\ad.html -> Hijacker.Agent.e : Cleaned without backup
C:\WINDOWS\system32\aza6l7ds1.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\system32\copbk32.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dEd8thk.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dflayx.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dugjv.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dugjvf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\dwcpmon.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\dwdsregt.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\explorer.exe -> Downloader.Small.cts : Cleaned without backup
C:\WINDOWS\system32\fplm0331e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hfiwyck.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hhiteaj.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hiijyba.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hjiteel.sys -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hqidyfc.vxd -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\hr0605dse.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\hrifygf.dll -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\ikmpagnt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\irismon.dll -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\irssyncd.exe -> Adware.SafeSurfing : Cleaned without backup
C:\WINDOWS\system32\kedlt.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\kt0sl7d71.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\l2l6lc3s1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\lv0o09d3e.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mv6ml9j11.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\mwinpqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\nkshrui.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\nseE.dll -> Adware.EZula : Cleaned without backup
C:\WINDOWS\system32\pfofmap.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\pjdsregp.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\pntgm.dll -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmc.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmd.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\pntgmf.exe -> Adware.Adstart : Cleaned without backup
C:\WINDOWS\system32\q0rqla951d.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\q4860elsehq60.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\r2p8lc7u1f.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\rwinkqaf.exe -> Adware.ZenoSearch : Cleaned without backup
C:\WINDOWS\system32\ssqpo.dll -> Adware.Virtumonde : Cleaned without backup
C:\WINDOWS\system32\s_install_ID8.exe -> Downloader.Small.aav : Cleaned without backup
C:\WINDOWS\system32\unpack.exe -> Trojan.Painwin.a : Cleaned without backup
C:\WINDOWS\system32\w00d223e.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\w0e3bfd5.dll -> Downloader.Agent.ahv : Cleaned without backup
C:\WINDOWS\system32\weadmoe.dll -> Adware.Look2Me : Cleaned without backup
C:\WINDOWS\system32\WinDmy.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Cleaned without backup
C:\WINDOWS\system32\WinNB57.dll -> Adware.Mirar : Cleaned without backup
C:\WINDOWS\temp\bw2.com -> Adware.AdURL : Cleaned without backup
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned without backup
C:\WINDOWS\unwn.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\visfx500.exe -> Dropper.Agent.aie : Cleaned without backup
C:\WINDOWS\wallpap.exe -> Hijacker.Agent.gp : Cleaned without backup
C:\WINDOWS\wnu_179.exe -> Trojan.Qoologic : Cleaned without backup
C:\WINDOWS\ZIFI002.exe -> Adware.ZenoSearch : Cleaned without backup
C:\ZICORN004.exe -> Adware.ZenoSearch : Cleaned without backup

::Report End
After which I ran the Kaspersky online and did thre reports. . the kaspersky and 2 hijackthis logs; 1 to see what was on the computer left and one right before i began to type in to so the log would be the most up to date.

So here is the Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, May 06, 2006 2:00:47 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/05/2006
Kaspersky Anti-Virus database records: 192114
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 43029
Number of viruses found: 68
Number of infected objects: 234
Number of suspicious objects: 0
Duration of the scan process: 00:29:24

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112031-788.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-112642-759.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Desktop\new hack\backups\backup-20060506-113055-239.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\nsw4.tmp\KillProcDLL.dll Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\Documents and Settings\Administrator\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\Program Files\RGB\GalleryPlayer_small.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\Windows\WinUpdate.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Program Files\Windows\WinUpdate.exe NSIS: infected - 3 skipped
C:\sk02.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\sk02.exe NSIS: infected - 1 skipped
C:\SnowballWarsInstaller.exe/data0006 Infected: Trojan-Downloader.Win32.PurityScan.cf skipped
C:\SnowballWarsInstaller.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst/WISE0010.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi/ESPNInst Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000001.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst/WISE0010.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi/ESPNInst Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP1\A0000002.msi Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN/WISE0008.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE/WISE0010.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000131.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN/WISE0008.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst/WISE0010.BIN Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI/ESPNInst Infected: not-a-virus

ownloader.Win32.DigStream skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP2\A0000133.MSI Embedded: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP43\A0017002.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP58\A0033810.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe/data0007 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033960.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe/data0003 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP60\A0033962.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042307.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042332.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042347.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042353.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP68\A0042356.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042392.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042399.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0042441.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043447.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043476.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0043477.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0044470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0045469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0046470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0047471.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0048470.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0049469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0050469.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051461.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051462.exe Infected: Trojan-Downloader.Win32.Dyfuca.ez skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051490.exe CAB: infected - 2 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051522.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051604.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051678.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051684.exe Infected: P2P-Worm.Win32.VB.dw skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051685.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051686.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051687.exe Infected: Worm.Win32.VB.an skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051688.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051689.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051690.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.z skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051691.dll Infected: not-a-virus:AdWare.Win32.Mirar.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051692.exe Infected: Trojan-Downloader.Win32.VB.aad skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051693.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051694.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051695.exe Infected: not-a-virus:AdWare.Win32.MDH.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051696.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051697.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051698.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051699.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051700.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051701.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051702.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051703.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051704.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051705.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051706.exe Infected: Trojan-Downloader.Win32.Agent.aaf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051707.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051708.exe Infected: Trojan.Win32.Small.cy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051709.exe Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051710.exe Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051711.dll Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051712.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051713.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051714.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051715.exe RarSFX: infected - 5 skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051716.exe Infected: not-a-virus:AdWare.Win32.Mirar.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051717.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051718.dll Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051719.exe Infected: Trojan.Win32.LowZones.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051721.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051722.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051723.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051724.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051725.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051726.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051727.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051728.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051729.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051730.exe Infected: Trojan-Downloader.Win32.Adload.ay skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051731.exe Infected: Trojan-Downloader.Win32.VB.vr skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051732.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051733.exe Infected: Trojan-Downloader.Win32.Dyfuca.ei skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051734.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051735.exe Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051736.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051737.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051738.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051740.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051741.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051742.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051743.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051744.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051745.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051746.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051747.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051748.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051749.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051750.exe Infected: Trojan-Downloader.Win32.Small.cts skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051751.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051752.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051753.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051754.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051755.sys Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051756.vxd Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051757.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051758.dll Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051759.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051760.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051761.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051762.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051763.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051764.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051765.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051766.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051768.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051769.dll Infected: not-a-virus:AdWare.Win32.EZula.bn skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051770.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051771.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051772.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051773.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051774.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051775.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051776.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051777.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051778.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051780.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051781.exe Infected: Trojan-Downloader.Win32.Small.aav skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051782.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051783.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051784.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051785.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051786.dll Infected: not-a-virus:AdWare.Win32.Mirar.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051787.exe Infected: Backdoor.Win32.EggDrop.v skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051788.dll Infected: not-a-virus:AdWare.Win32.Mirar.b skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051789.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051790.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051791.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051792.exe Infected: Trojan-Clicker.Win32.Agent.gp skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051793.exe Infected: Trojan-Downloader.Win32.Qoologic.c skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051794.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051795.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051797.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051798.exe Infected: not-a-virus:Monitor.Win32.NetMon.a skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051799.dll Infected: not-a-virus:AdWare.Win32.CASClient.d skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051801.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051808.exe Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051812.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{6C8DC286-C30D-4547-9C95-A35CA4AA6292}\RP70\A0051819.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\VSL02.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\VSL02.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\VSL02.exe NSIS: infected - 2 skipped
C:\WINDOWS\DHU.exe/data0001 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\WINDOWS\DHU.exe NSIS: infected - 1 skipped
C:\WINDOWS\icont.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\justin2a.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe/stream Infected: not-a-virus:AdWare.Win32.SideFind.a skipped
C:\WINDOWS\justin2a.exe NSIS: infected - 2 skipped
C:\WINDOWS\pf78.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\WINDOWS\pf78.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe NSIS: infected - 4 skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M3I9EVGL\AppWrap[1].exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\WINDOWS\system32\install_id6.exe/stream/data0008 Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe/stream Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\WINDOWS\system32\install_id6.exe NSIS: infected - 5 skipped
C:\WINDOWS\system32\jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.p skipped
C:\WINDOWS\system32\mc-110-12-0000137.exe NSIS: infected - 1 skipped
C:\WINDOWS\temp\bw2.com Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\WINDOWS\WPRE.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\WINDOWS\WPRE.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\WINDOWS\WPRE.exe NSIS: infected - 2 skipped
C:\WINDOWS\YOINSI.exe/data0002 Infected: Trojan.Win32.Scapur.k skipped
C:\WINDOWS\YOINSI.exe NSIS: infected - 1 skipped

Scan process completed.

**Lloyd** · 06-05-2006