Here is my copy, I can not find hjk this program again please help thanks


ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:24:42 PM 7/10/2006

+ Scan result:



C:\WINDOWS\Downloaded Program Files\turbo.inf -> Adware.BetterInternet : No action taken.
C:\Documents and Settings\default\Application Data\Casino.exe -> Adware.Casino : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{1B7868F3-747F-F324-23F0-1A3EC3D2C170} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{3C6CC514-0686-8D4A-3795-115CE35C21E9} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{434697B1-B0A0-8A25-A2B0-15519E338038} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{A72CF6EF-6CF2-42D8-2DB0-27CB6FCBFF6A} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{B4FCB695-7281-8955-B77A-8A16A746575E} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{F81B8540-E2E4-2BF8-72B3-D53F9FC767C1} -> Adware.CoolWebSearch : No action taken.
C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1048] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1088] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1136] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[120] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1344] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1380] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1412] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1488] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1520] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1568] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1652] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1700] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1848] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[184] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[200] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[212] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[2168] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[2368] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[2420] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[244] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[260] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[288] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[3252] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[3380] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[3440] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[372] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[3744] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[420] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[492] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[608] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[688] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[700] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[816] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[872] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[892] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[988] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : No action taken.
C:\WINDOWS\Temp\win78.tmp.exe -> Adware.Virtumonde : No action taken.
C:\WINDOWS\system32\yayvvts.dll -> Adware.Virtumonde : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\xupiter -> Adware.Xupiter : No action taken.
C:\WINDOWS\g10286203.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g10321968.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g10530062.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1283671.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1293203.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1423562.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g14370906.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1506531.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g15572796.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g16895078.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1759750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g18096265.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g19296859.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2625609.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2828828.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2955562.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2956750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g4154375.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g46544125.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g5358328.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g6563250.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g7906687.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g8006843.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g9113750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g9208984.dll -> Downloader.Delf.amb : No action taken.
[1632] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
[640] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\Temp\win6F.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : No action taken.
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M1005NetInstaller.exe -> Downloader.Small : No action taken.
C:\WINDOWS\Temp\win11D.tmp.exe -> Downloader.Small.cvw : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N73M0604NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N822M1605NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\Documents and Settings\default\Cookies\default@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.18:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\default\Cookies\default@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\default\Cookies\default@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\default\Cookies\default@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\default\Cookies\default@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\default\Cookies\default@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\default\Cookies\default@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.35:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\default\Cookies\default@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.11:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.12:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.13:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.15:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\default\Cookies\default@ehg-nestleusainc.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\default\Cookies\default@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.6:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\default\Cookies\default@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\default\Cookies\default@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.26:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\default\Cookies\default@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\default\Cookies\default@stats1.reliablest ats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\default\Cookies\default@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\default\Cookies\default@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\default\Cookies\default@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.25:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Targetnet : No action taken.
C:\Documents and Settings\default\Cookies\default@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\default\Cookies\default@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.33:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.34:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\default\Cookies\default@statse.webtrendsl ive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\WINDOWS\Temp\win68.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\system32\1024 -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5105.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld69CD.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld79F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldEEC8.tmp -> Trojan.Small : No action taken.


::Report end

Originally Posted by VopThis

NOTE: Running IE7.0 BETA can be a very risky thing to do at this point. Best advised to download a backup alternate browser just in case:

Mozilla Firefox: http://www.mozilla.org/products/firefox/




You are not running HijackThis (HJT) from a desired location. You really need to setup a dedicated folder for HJT items – to avoid horrible clutter and/or potential lost backup issues.

It's best that the HijackThis tool NOT be located in its current location (particularly on your Desktop or in a TEMP folder). This way you can more easily undo any changes if something goes wrong.

• Create a new folder in your C: Drive.
• Name the FOLDER HijackThis (or HJT) such as C:\Program Files\HijackThis or C:\HJT and move the HijackThis.exe file into it.
• Run HJT from there (and revise your shortcut accordingly).

Download and install Ewido anti-spyware 4.0 (uninstall any previous version first).

• Click the Download BUTTON. On the next page click the Download now BUTTON.
• Save and then install (Run) from the save location.
• Open/Run ewido anti-spyware
• Wait a few moments and Ewido should Auto update itself (note date of last update). If it doesn't update, click the update ICON at top of screen:
• This is very important to get the LATEST updates
• Click on the Status ICON
  • Under "Your computers Security"
    Click change status on Resident shield to inactive (ONLY consider activation of that feature once you are clean)
• Click on the Scanner ICON at the top of the window
  
  
• Click on the Settings tab then select Recommended Actions and choose Quarantine

Close ALL open Windows / Programs / Folders. Please start Ewido, and run a full scan:

• Click on the default Status ICON and select the Scan now LINK.
  
  OR
• Click on the Scanner ICON . Select the Scan TAB.
  • Select Complete System Scan. Ewido will now begin to scan your system.

• If Ewido finds anything it will list them in the Preview WINDOW:
  • Make sure that Set all elements to: shows Quarantine, if not click on the link and choose Quarantine from the popup menu.
  • Select Apply all actions at the bottom of the window (and the items found will be quarantined – and recoverable, if any items are needed back).
• When the scan has completed, click on the Save Scan Report button and save the scan to your Desktop where it can be easily found.
• Copy and paste the EWIDO scan results into your next post and a revised HijackThis LOG.
• Close Ewido.

Use the HijackThis load instructions found here to install to a correct DEFAULT location (see the last set of instructions):
http://www.d-a-l.com/help/showthread.php?t=32403


Re-run EWIDO as per directions previously given and select 'quarantine' as your action to apply to all items found. Post the EWIDO log and latest HijackThis LOG.

Hi as per your requesthere are the hijackthis and ewido reports thank you
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:12:41 PM 7/10/2006
+ Scan result:

C:\WINDOWS\Downloaded Program Files\turbo.inf -> Adware.BetterInternet : No action taken.
C:\Documents and Settings\default\Application Data\Casino.exe -> Adware.Casino : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{1B7868F3-747F-F324-23F0-1A3EC3D2C170} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{3C6CC514-0686-8D4A-3795-115CE35C21E9} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{434697B1-B0A0-8A25-A2B0-15519E338038} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{A72CF6EF-6CF2-42D8-2DB0-27CB6FCBFF6A} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{B4FCB695-7281-8955-B77A-8A16A746575E} -> Adware.CoolWebSearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{F81B8540-E2E4-2BF8-72B3-D53F9FC767C1} -> Adware.CoolWebSearch : No action taken.
C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1024] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1044] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1080] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1132] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1200] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1220] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1248] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1336] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1452] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1588] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1596] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1704] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1716] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1788] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1832] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[1868] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[1972] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[2012] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[2120] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[2164] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[3084] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[320] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[352] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : No action taken.
[4012] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[428] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[688] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[700] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[764] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[816] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[872] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[892] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[912] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
[984] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : No action taken.
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : No action taken.
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : No action taken.
C:\WINDOWS\Temp\win78.tmp.exe -> Adware.Virtumonde : No action taken.
C:\WINDOWS\system32\yayvvts.dll -> Adware.Virtumonde : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\xupiter -> Adware.Xupiter : No action taken.
C:\WINDOWS\g10286203.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g10321968.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g10530062.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1283671.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1293203.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1423562.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g14370906.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1506531.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g15572796.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g16895078.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g1759750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g18096265.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g19296859.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2625609.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2828828.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2955562.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g2956750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g4154375.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g46544125.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g5358328.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g6563250.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g7906687.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g8006843.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g9113750.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\g9208984.dll -> Downloader.Delf.amb : No action taken.
[208] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
[640] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : No action taken.
C:\WINDOWS\Temp\win6F.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : No action taken.
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M1005NetInstaller.exe -> Downloader.Small : No action taken.
C:\WINDOWS\Temp\win11D.tmp.exe -> Downloader.Small.cvw : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N73M0604NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.f : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N822M1605NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\Documents and Settings\default\Cookies\default@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.18:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\default\Cookies\default@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\default\Cookies\default@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\default\Cookies\default@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\default\Cookies\default@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\default\Cookies\default@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\default\Cookies\default@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.35:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\default\Cookies\default@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.11:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.12:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.13:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.15:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\default\Cookies\default@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\default\Cookies\default@ehg-nestleusainc.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\default\Cookies\default@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.6:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\default\Cookies\default@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\default\Cookies\default@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.26:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\default\Cookies\default@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\default\Cookies\default@stats1.reliablest ats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\default\Cookies\default@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\default\Cookies\default@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\default\Cookies\default@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.25:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Targetnet : No action taken.
C:\Documents and Settings\default\Cookies\default@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\default\Cookies\default@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.33:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.34:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\default\Cookies\default@statse.webtrendsl ive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\WINDOWS\Temp\win68.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\system32\1024 -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5105.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld69CD.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld79F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldEEC8.tmp -> Trojan.Small : No action taken.

::Report end


Logfile of HijackThis v1.99.1
Scan saved at 9:38:24 PM, on 7/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ICO.EXE
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\056c4617.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = yahoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://weatheroffice.ec.gc.ca/city/p..._metric_e.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Link...cid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = ftp=64.247.148.129:110;gopher=64.247.148.129:110;h ttps=64.247.148.130:110
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - blank (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [056c4617.exe] C:\WINDOWS\system32\056c4617.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [Windows Network Service] winvc32.exe
O4 - HKCU\..\Run: [056c4617.exe] C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab
O16 - DPF: TruePass EPF 7,0,100,717 - https://blrscr3.egs-seg.gc.ca/applet...applet-epf.cab
O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/game...ts/y/yt1_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/game...ts/y/ht1_x.cab
O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/game...ts/y/ft3_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.games.yahoo.com/game...s/y/ywt0_x.cab
O16 - DPF: {00000000-0000-0000-0000-100000000003} - http://code.trasferimento.biz/l/c894...33afd94_35.exe
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/e...rInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/...areControl.cab
O16 - DPF: {405BBF5B-2FD8-4614-AC51-D8566F635B94} (SafeWallet Class) - http://idsm.citadelprocessing.com/Sa.../WalletCab.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource...scbase5059.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgCA2404.exe
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O20 - AppInit_DLLs: notepad.dll C:\WINDOWS\system32\notepad.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Xpoint PCRadmin Server (PCRadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\PE\pcradmin.exe (file missing)
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Win32 Usb Driver - Unknown owner - C:\WINDOWS\System32\AvpG.exe" -netsvcs (file missing)
O23 - Service: Xpoint Admin Server (XPadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\xpadmin\xpadmin.exe (file missing)
O23 - Service: Xpoint Agent Server (xpAgentServer) - Unknown owner - C:\PROGRA~1\Xpoint\agent\Xpagent.exe (file missing)

VOPTHIS is out of town for a few days.

Re-run EWIDO as per directions previously given and select 'quarantine' as your action to apply to all items found. Post the EWIDO log and latest HijackThis LOG.

You must select quarantine to get rid of all infections Ewido has found. Thanks.

Hi there here is the new copies of hijackthis and ewido thank you Donna
Logfile of HijackThis v1.99.1
Scan saved at 6:30:39 PM, on 7/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ICO.EXE
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\056c4617.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = yahoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://weatheroffice.ec.gc.ca/city/p..._metric_e.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Link...cid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = ftp=64.247.148.129:110;gopher=64.247.148.129:110;h ttps=64.247.148.130:110
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - blank (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [056c4617.exe] C:\WINDOWS\system32\056c4617.exe
O4 - HKLM\..\RunServices: [Windows Network Service] winvc32.exe
O4 - HKCU\..\Run: [056c4617.exe] C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/game...s/y/blt1_x.cab
O16 - DPF: TruePass EPF 7,0,100,717 - https://blrscr3.egs-seg.gc.ca/applet...applet-epf.cab
O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/game...ts/y/yt1_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/game...ts/y/ht1_x.cab
O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/game...ts/y/ft3_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.games.yahoo.com/game...s/y/ywt0_x.cab
O16 - DPF: {00000000-0000-0000-0000-100000000003} - http://code.trasferimento.biz/l/c894...33afd94_35.exe
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/e...rInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/...areControl.cab
O16 - DPF: {405BBF5B-2FD8-4614-AC51-D8566F635B94} (SafeWallet Class) - http://idsm.citadelprocessing.com/Sa.../WalletCab.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource...scbase5059.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgCA2404.exe
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} - http://activex.microgaming.com/DLhel...7/dlhelper.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab
O20 - AppInit_DLLs: notepad.dll C:\WINDOWS\system32\notepad.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Xpoint PCRadmin Server (PCRadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\PE\pcradmin.exe (file missing)
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Win32 Usb Driver - Unknown owner - C:\WINDOWS\System32\AvpG.exe" -netsvcs (file missing)
O23 - Service: Xpoint Admin Server (XPadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\xpadmin\xpadmin.exe (file missing)
O23 - Service: Xpoint Agent Server (xpAgentServer) - Unknown owner - C:\PROGRA~1\Xpoint\agent\Xpagent.exe (file missing)

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:24:28 PM 7/11/2006

+ Scan result:



C:\WINDOWS\Downloaded Program Files\turbo.inf -> Adware.BetterInternet : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Application Data\Casino.exe -> Adware.Casino : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{1B7868F3-747F-F324-23F0-1A3EC3D2C170} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{3C6CC514-0686-8D4A-3795-115CE35C21E9} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{434697B1-B0A0-8A25-A2B0-15519E338038} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{A72CF6EF-6CF2-42D8-2DB0-27CB6FCBFF6A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{B4FCB695-7281-8955-B77A-8A16A746575E} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{F81B8540-E2E4-2BF8-72B3-D53F9FC767C1} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
[1032] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1056] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1068] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1080] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1104] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1136] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1248] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1364] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1448] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[144] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1456] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1528] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1572] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1636] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[164] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1668] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1704] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1792] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1832] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[1840] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[2016] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[2028] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[2116] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[2204] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[2300] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[232] C:\WINDOWS\System32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[3648] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[544] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[664] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[688] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[700] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[740] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[872] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[892] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
[984] C:\WINDOWS\system32\notepad.dll -> Adware.PurityScan : Error during cleaning.
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win78.tmp.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\yayvvts.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\xupiter -> Adware.Xupiter : Cleaned with backup (quarantined).
C:\WINDOWS\g10286203.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g10321968.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g10530062.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1283671.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1293203.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1423562.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g14370906.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1506531.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g15572796.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g16895078.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g1759750.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g18096265.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g19296859.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g2625609.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g2828828.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g2955562.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g2956750.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g4154375.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g46544125.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g5358328.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g6563250.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g7906687.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g8006843.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g9113750.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\g9208984.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
[1844] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
[640] C:\WINDOWS\g1029703.dll -> Downloader.Delf.amb : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win6F.tmp.exe -> Downloader.Obfuscated.a : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USYP_0001_N76M1005NetInstaller.ex e -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\USYP_0001_N76M1005NetInstaller.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win11D.tmp.exe -> Downloader.Small.cvw : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Local Settings\Temporary Internet Files\Content.IE5\IHG395NA\popcaploader_v6[1].cab/PopCapLoader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N73M0604NetInstaller.e xe -> Not-A-Virus.Downloader.Win32.WinFixer.f : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N73M0604NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.f : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWA6P_0001_N822M1605NetInstaller. exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N822M1605NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@ehg-nestleusainc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@stats1.reliablest ats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\cookies .txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\default\Cookies\default@statse.webtrendsl ive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win68.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld5105.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld69CD.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld79F.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ldEEC8.tmp -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

Excellent, thanks now we are getting some where. Let's see if we can get rid of Purity scan next.



Go to Start>Control Panel>Add/Remove Programs and look for PuritySCAN By OIN, , OIN or similar or Click Spring , click on it and click remove.

If not listed, download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe

Tutorial for the uninstaller if needed

Reboot when done and delete this folder if found:
C:\Program Files\PurityScan


Then after the above do the below please...


Go here BitDefender and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee.

When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit - Select All then copy/paste that log back here. Post back and let us know what it found (post the log).

And post a new HJT log also..


Also...



Open Hijackthis.

Click the "Open the Misc Tools" section Button.

Click the "Open Uninstall Manager" Button.

Click the "Save list..." Button.

Save it to your desktop. Copy and paste the contents into your reply.

here is the hjt and the bit defender logs thank you

Logfile of HijackThis v1.99.1
Scan saved at 4:51:50 PM, on 7/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ICO.EXE
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\056c4617.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = yahoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://weatheroffice.ec.gc.ca/city/pages/nt-30_metric_e.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = ftp=64.247.148.129:110;gopher=64.247.148.129:110;h ttps=64.247.148.130:110
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\89upgciv.slt\prefs.j s)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - blank (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [056c4617.exe] C:\WINDOWS\system32\056c4617.exe
O4 - HKLM\..\RunServices: [Windows Network Service] winvc32.exe
O4 - HKCU\..\Run: [056c4617.exe] C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl ay.dll
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: TruePass EPF 7,0,100,717 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/games/clients/y/yt1_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab
O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/games/clients/y/ft3_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.games.yahoo.com/games/clients/y/ywt0_x.cab
O16 - DPF: {00000000-0000-0000-0000-100000000003} - http://code.trasferimento.biz/l/c89441c08db2dbc03bfcee4aa33afd94_35.exe
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
O16 - DPF: {405BBF5B-2FD8-4614-AC51-D8566F635B94} (SafeWallet Class) - http://idsm.citadelprocessing.com/SafeCommon/downloads/WalletCab.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgCA2404.exe
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} - http://activex.microgaming.com/DLhelper/version7/dlhelper.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install3.5/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O20 - AppInit_DLLs: notepad.dll C:\WINDOWS\system32\notepad.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Xpoint PCRadmin Server (PCRadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\PE\pcradmin.exe (file missing)
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Win32 Usb Driver - Unknown owner - C:\WINDOWS\System32\AvpG.exe" -netsvcs (file missing)
O23 - Service: Xpoint Admin Server (XPadminServer) - Unknown owner - C:\PROGRA~1\Xpoint\xpadmin\xpadmin.exe (file missing)
O23 - Service: Xpoint Agent Server (xpAgentServer) - Unknown owner - C:\PROGRA~1\Xpoint\agent\Xpagent.exe (file missing)


BitDefender Online Scanner




Scan report generated at: Thu, Jul 13, 2006 - 16:28:14







Scan path: A:\;C:\;D:\;











Statistics

Time

01:59:30

Files

408954

Folders

6234

Boot Sectors

2

Archives

9109

Packed Files

25069





Results

Identified Viruses

36

Infected Files

107

Suspect Files

71

Warnings

0

Disinfected

0

Deleted Files

346





Engines Info

Virus Definitions

407687

Engine build

AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins

13

Archive plugins

39

Unpack plugins

5

E-mail plugins

6

System plugins

1





Scan Settings

First Action

Disinfect

Second Action

Delete

Heuristics

Yes

Enable Warnings

Yes

Scanned Extensions

*;

Exclude Extensions



Scan Emails

Yes

Scan Archives

Yes

Scan Packed

Yes

Scan Files

Yes

Scan Boot

Yes





Scanned File

Status

C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe

Suspected of: BehavesLike:Trojan.Downloader

C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe

Disinfection failed

C:\Documents and Settings\default\Local Settings\Application Data\056c4617.exe

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0025023B.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.6Sear.A

C:\Program Files\Norton AntiVirus\Quarantine\0025023B.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0025023B.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\047D2EBC.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\047D2EBC.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\047D2EBC.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\06D67DDE.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\06D67DDE.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\06D67DDE.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.exe=>(Quarantine-2)

Infected with: Trojan.Dloader.HK

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.fr3=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BF

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.fr3=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\07DC528F.fr3=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\08905404.cla=>(Quarantine-2)

Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\08905404.cla=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\08905404.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\08905404.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\08905404.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\08905404.wmf=>(Quarantine-2)

Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\08905404.wmf=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\08905404.wmf=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\08937E01.cla=>(Quarantine-2)

Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\08937E01.cla=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\089627FD.wmf=>(Quarantine-2)

Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\089627FD.wmf=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\089627FD.wmf=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0897023E.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\0897023E.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0897023E.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\09820D75.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.PurityScan.CQ

C:\Program Files\Norton AntiVirus\Quarantine\09820D75.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\09820D75.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0988616E.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\0988616E.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0988616E.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\098C0B6B.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\098C0B6B.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\098C0B6B.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\098F3567.exe=>(Quarantine-2)

Infected with: MemScan:Trojan.Downloader.PurityScan.CQ

C:\Program Files\Norton AntiVirus\Quarantine\098F3567.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\098F3567.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\09925F63.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\09925F63.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\09925F63.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\09F20A29.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\09F20A29.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\09F20A29.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0A252A47.wmf=>(Quarantine-2)

Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\0A252A47.wmf=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0A252A47.wmf=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0F6B521F.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\0F6B521F.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0F6B521F.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0F847AF2.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BJ

C:\Program Files\Norton AntiVirus\Quarantine\0F847AF2.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0F847AF2.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0F8824EF.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BJ

C:\Program Files\Norton AntiVirus\Quarantine\0F8824EF.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0F8824EF.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\13FD4526.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\13FD4526.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\13FD4526.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\141C2E43.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Agent.CK

C:\Program Files\Norton AntiVirus\Quarantine\141C2E43.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\141C2E43.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1422023C.fr3=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BF

C:\Program Files\Norton AntiVirus\Quarantine\1422023C.fr3=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1422023C.fr3=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\184264FA.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\184264FA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\184264FA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1A0345CF.dll=>(Quarantine-2)

Infected with: Trojan.WinAd.22528

C:\Program Files\Norton AntiVirus\Quarantine\1A0345CF.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1A0345CF.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1A066FCC.fr4=>(Quarantine-2)

Infected with: Trojan.Winad.V

C:\Program Files\Norton AntiVirus\Quarantine\1A066FCC.fr4=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1A066FCC.fr4=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1A0A19C8.fr7=>(Quarantine-2)

Infected with: Trojan.Winad.AE

C:\Program Files\Norton AntiVirus\Quarantine\1A0A19C8.fr7=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1A0A19C8.fr7=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1A0D43C5.frC=>(Quarantine-2)

Infected with: Trojan.Winad.71680.DLL

C:\Program Files\Norton AntiVirus\Quarantine\1A0D43C5.frC=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1A0D43C5.frC=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1DCA16EA.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\1DCA16EA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1DCA16EA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1FF609EA.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\1FF609EA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1FF609EA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\21D0235A.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\21D0235A.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\21D0235A.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\242A2AC3.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\Program Files\Norton AntiVirus\Quarantine\242A2AC3.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\242A2AC3.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\24317EBC.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\Program Files\Norton AntiVirus\Quarantine\24317EBC.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\24317EBC.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\243428B8.fr9=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BF

C:\Program Files\Norton AntiVirus\Quarantine\243428B8.fr9=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\243428B8.fr9=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\243752B5.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\Program Files\Norton AntiVirus\Quarantine\243752B5.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\243752B5.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\251814E6.tmp=>(Quarantine-2)

Infected with: Trojan.Dialer.OG

C:\Program Files\Norton AntiVirus\Quarantine\251814E6.tmp=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\251814E6.tmp=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\26C85CC3.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\26C85CC3.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\26C85CC3.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\293B00E0.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\293B00E0.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\293B00E0.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\293F2ADC.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\293F2ADC.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\293F2ADC.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2EC71540.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\2EC71540.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2EC71540.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\305E4556.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\305E4556.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\305E4556.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\34031AB4.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\34031AB4.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\34031AB4.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\366B70F4.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\366B70F4.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\366B70F4.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\37027233.exe=>(Quarantine-2)

Infected with: Backdoor.RBot.D2AEA388

C:\Program Files\Norton AntiVirus\Quarantine\37027233.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\39FE3BF0.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\Program Files\Norton AntiVirus\Quarantine\39FE3BF0.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\39FE3BF0.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3D5350C4.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\3D5350C4.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3D5350C4.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3DAE313D.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\3DAE313D.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3DAE313D.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3EAD6CCA.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\Program Files\Norton AntiVirus\Quarantine\3EAD6CCA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3EAD6CCA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3F4D2363.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Agent.HW

C:\Program Files\Norton AntiVirus\Quarantine\3F4D2363.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3F4D2363.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3F504D60.exe=>(Quarantine-2)

Infected with: Dropped:Application.ProcKill.Jk

C:\Program Files\Norton AntiVirus\Quarantine\3F504D60.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3F504D60.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3F5D4807.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\Program Files\Norton AntiVirus\Quarantine\3F5D4807.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3F5D4807.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3FDE0A48.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\3FDE0A48.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3FDE0A48.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\402A4714.exe=>(Quarantine-2)

Infected with: Trojan.Spy.Sheriff.C

C:\Program Files\Norton AntiVirus\Quarantine\402A4714.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\402A4714.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\427D5280.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\427D5280.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\427D5280.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\44B95784.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\44B95784.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\44B95784.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\44C35579.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\44C35579.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\44C35579.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\44C81D26.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\44C81D26.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\44C81D26.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\45E70D3D.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\45E70D3D.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\45E70D3D.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4A76741F.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\Program Files\Norton AntiVirus\Quarantine\4A76741F.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4A76741F.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4B7F1726.wmf=>(Quarantine-2)

Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\4B7F1726.wmf=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4B7F1726.wmf=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4B800FC7.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\4B800FC7.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4B800FC7.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4E080392.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\4E080392.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4E080392.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4FA11183.tmp=>(Quarantine-2)

Infected with: Trojan.Dialer.OG

C:\Program Files\Norton AntiVirus\Quarantine\4FA11183.tmp=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4FA11183.tmp=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\52F8385D.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\52F8385D.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\52F8385D.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5526765B.cla=>(Quarantine-2)

Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\5526765B.cla=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\57535DAE.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\Program Files\Norton AntiVirus\Quarantine\57535DAE.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\57535DAE.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5C210408.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\Program Files\Norton AntiVirus\Quarantine\5C210408.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5C210408.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60164033.wmf=>(Quarantine-2)

Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\60164033.wmf=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\60164033.wmf=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6036693A.exe=>(Quarantine-2)

Infected with: Trojan.Favadd.C

C:\Program Files\Norton AntiVirus\Quarantine\6036693A.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\603C3D33.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.OM

C:\Program Files\Norton AntiVirus\Quarantine\603C3D33.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\603C3D33.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\61BE0EB0.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\61BE0EB0.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\61BE0EB0.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\63AE41BB.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\63AE41BB.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\63AE41BB.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\652B34A2.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\652B34A2.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\652B34A2.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\68A277F6.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\68A277F6.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\68A277F6.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6A3304E4.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.HK

C:\Program Files\Norton AntiVirus\Quarantine\6A3304E4.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\6A3304E4.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6A402CD6.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.HK

C:\Program Files\Norton AntiVirus\Quarantine\6A402CD6.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\6A402CD6.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\72EB638C.ocx=>(Quarantine-2)

Infected with: Trojan.Clicker.Adpower.A

C:\Program Files\Norton AntiVirus\Quarantine\72EB638C.ocx=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\72EB638C.ocx=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\72EE0D88.ocx=>(Quarantine-2)

Infected with: Trojan.Clicker.Adpower.A

C:\Program Files\Norton AntiVirus\Quarantine\72EE0D88.ocx=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\72EE0D88.ocx=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\74F16A09.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.IstBar.NX

C:\Program Files\Norton AntiVirus\Quarantine\74F16A09.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\74F16A09.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\74FB67FF.dll=>(Quarantine-2)

Infected with: Trojan.WinAd.AE

C:\Program Files\Norton AntiVirus\Quarantine\74FB67FF.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\74FB67FF.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\74FE11FB.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.IstBar.NZ

C:\Program Files\Norton AntiVirus\Quarantine\74FE11FB.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\74FE11FB.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\75005CA4.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\75005CA4.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\75005CA4.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\75310990.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\75310990.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\75310990.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\756E15E9.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\756E15E9.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\756E15E9.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\77492666.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\Program Files\Norton AntiVirus\Quarantine\77492666.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\77492666.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7E94614A.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\7E94614A.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7E94614A.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7E9A3543.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\7E9A3543.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7E9A3543.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7E9E5F3F.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\7E9E5F3F.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7E9E5F3F.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7EA1093C.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\7EA1093C.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7EA1093C.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7EA43338.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\Program Files\Norton AntiVirus\Quarantine\7EA43338.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7EA43338.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7F2F4513.exe=>(Quarantine-2)

Infected with: Trojan.Sillydl.DS

C:\Program Files\Norton AntiVirus\Quarantine\7F2F4513.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7F2F4513.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\7F401A44.tmp=>(Quarantine-2)

Infected with: Trojan.Dialer.OG

C:\Program Files\Norton AntiVirus\Quarantine\7F401A44.tmp=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\7F401A44.tmp=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234299.exe

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234299.exe

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234299.exe

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234300.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.6Sear.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234300.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234300.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234301.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234301.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234301.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234302.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234302.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234302.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234303.exe=>(Quarantine-2)

Infected with: Trojan.Dloader.HK

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234303.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234303.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234304.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234304.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234304.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234305.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234305.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234305.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234306.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.PurityScan.CQ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234306.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234306.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234307.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234307.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234307.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234308.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234308.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234308.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234309.exe=>(Quarantine-2)

Infected with: MemScan:Trojan.Downloader.PurityScan.CQ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234309.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234309.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234310.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234310.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234310.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234311.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234311.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234311.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234312.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234312.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234312.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234313.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BJ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234313.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234313.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234314.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.BJ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234314.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234314.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234315.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234315.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234315.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234316.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Agent.CK

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234316.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234316.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234317.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234317.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234317.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234318.dll=>(Quarantine-2)

Infected with: Trojan.WinAd.22528

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234318.dll=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234318.dll=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234319.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234319.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234319.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234320.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234320.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234320.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234321.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234321.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234321.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234322.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234322.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234322.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234323.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234323.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234323.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234324.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.MY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234324.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234324.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234325.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234325.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234325.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234326.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234326.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234326.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234327.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234327.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234327.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234328.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234328.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234328.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234329.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234329.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234329.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234330.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234330.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234330.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234331.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234331.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234331.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234332.exe=>(Quarantine-2)

Infected with: Backdoor.RBot.D2AEA388

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234332.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234333.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234333.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234333.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234334.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234334.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234334.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234335.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234335.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234335.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234336.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234336.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234336.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234337.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Agent.HW

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234337.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234337.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234338.exe=>(Quarantine-2)

Infected with: Dropped:Application.ProcKill.Jk

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234338.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234338.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234339.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Crypter.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234339.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234339.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234340.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234340.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234340.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234341.exe=>(Quarantine-2)

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234341.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234341.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234342.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234342.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234342.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234343.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234343.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234343.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234344.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234344.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234344.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234345.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234345.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234345.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234346.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234346.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234346.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234347.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234347.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234347.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234348.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234348.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234348.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234349.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234349.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234349.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234350.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234350.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234350.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234351.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234351.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234351.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234352.exe=>(Quarantine-2)

Infected with: Trojan.Dropper.Agent.AZ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234352.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234352.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234353.exe=>(Quarantine-2)

Infected with: Trojan.Favadd.C

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234353.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234354.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.OM

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234354.dll=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234354.dll=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234355.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234355.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234355.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234356.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234356.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234356.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234357.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234357.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234357.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234358.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234358.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234358.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234359.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.HK

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234359.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234359.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234360.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.HK

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234360.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234360.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234361.ocx=>(Quarantine-2)

Infected with: Trojan.Clicker.Adpower.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234361.ocx=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234361.ocx=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234362.ocx=>(Quarantine-2)

Infected with: Trojan.Clicker.Adpower.A

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234362.ocx=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234362.ocx=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234363.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.IstBar.NX

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234363.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234363.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234364.dll=>(Quarantine-2)

Infected with: Trojan.WinAd.AE

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234364.dll=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234364.dll=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234365.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.IstBar.NZ

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234365.dll=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234365.dll=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234366.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234366.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234366.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234367.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234367.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234367.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234368.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234368.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234368.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234369.exe=>(Quarantine-2)

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234369.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234369.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234370.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234370.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234370.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234371.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234371.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234371.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234372.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234372.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234372.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234373.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234373.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234373.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234374.exe=>(Quarantine-2)

Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234374.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234374.exe=>(Quarantine-2)

Deleted

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234375.exe=>(Quarantine-2)

Infected with: Trojan.Sillydl.DS

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234375.exe=>(Quarantine-2)

Disinfection failed

C:\System Volume Information\_restore{CB74E2FF-E2C9-49BA-B6AC-A08561DCDC0B}\RP995\A0234375.exe=>(Quarantine-2)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 2)

Infected with: JS.Winshow.U

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 2)

Disinfection failed

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 2)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA

Updated

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 16)

Infected with: JS.Winshow.U

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 16)

Disinfection failed

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 16)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA

Updated

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 30)

Infected with: JS.Winshow.U

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 30)

Disinfection failed

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 30)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA

Updated

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 46)

Infected with: JS.Winshow.U

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 46)

Disinfection failed

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 46)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA

Updated

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 191)

Infected with: Trojan.Downloader.Winshow.AK

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 191)

Disinfection failed

C:\WINDOWS\sseditor.gif=>:defan:$DATA=>(JAVASCRIPT 191)

Deleted

C:\WINDOWS\sseditor.gif=>:defan:$DATA

Updated

C:\WINDOWS\sseditor.gif

Update failed

C:\WINDOWS\system32\056c4617.exe

Suspected of: BehavesLike:Trojan.Downloader

C:\WINDOWS\system32\056c4617.exe

Disinfection failed

C:\WINDOWS\system32\056c4617.exe

Delete failed

C:\WINDOWS\system32\1scenichp.exe

Infected with: Trojan.StartPage.AGS

C:\WINDOWS\system32\1scenichp.exe

Deleted