Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Jacked

Started by dunkard , Nov 08 2005 08:47 PM

  • This topic is locked This topic is locked
17 replies to this topic

#1 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 08 November 2005 - 08:47 PM

Logfile of HijackThis v1.99.1
Scan saved at 9:35:32 PM, on 11/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\jgeh\vmfed.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\SYS98.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\??xplore.exe
C:\Program Files\rdso\eetu.exe
C:\Program Files\Common Files\Windows\services32.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\PROGRA~1\WebHost\webhost-v2.exe
C:\Program Files\Copernic Agent\CopernicAgent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\Thisfile\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000000-0000-46B2-BEC5-E1505113AC70} - C:\Program Files\y2g8q898\y2g8q898.dll
O2 - BHO: (no name) - {00000000-0000-4C1F-AF1A-1FBF2C2E90FB} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!

\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!

\Common\YIeTagBm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-

xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN

Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton

SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: AdCom - {D7950AB4-67F5-458e-A37D-9F2DE7F250AC} - C:\WINDOWS\system32\AdCom.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program

Files\DNS\Catcher.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton

SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN

Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!

\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ssglsk.exe reg_run
O4 - HKLM\..\Run: [YourMonitor] C:\WINDOWS\SYS98
O4 - HKLM\..\Run: [vmfed] C:\WINDOWS\system32\jgeh\vmfed.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic Summarizer\CSAgent.exe"

/thisismandatory
O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-58-12-0000119.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-58-12-0000119.exe
O4 - HKCU\..\Run: [CMSystem] "C:\Program Files\CMSystem\CMSystem.exe"
O4 - HKCU\..\Run: [CAS2] "C:\Program Files\System Files\System.exe"
O4 - HKCU\..\Run: [Abdwa] C:\WINDOWS\system32\??xplore.exe
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt rbnd
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program

files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program

files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic

Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic

Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program

files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04

\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1

\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!

\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic

Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1

\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} -

C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: http://cam.switch.ch
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) -

http://www.alternati.../00/alttiff.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) -

http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

http://go.microsoft....k/?linkid=39204
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.20x2p.com...70c94/enter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -

http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -

http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) -

http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) -

http://download.akam...loadManager.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep....42037/sb02a.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -

http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -

http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -

http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: hllnoajayuhk - Unknown owner - C:\WINDOWS\system32\ayuhk\hllnoaj.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: itloxelaobv - Unknown owner - C:\WINDOWS\system32\laobv\itloxe.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program

Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton

SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1

\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec

Shared\Security Center\SymWSC.exe
O23 - Service: yncjhupixyoa - Unknown owner - C:\WINDOWS\system32\ixyoa\yncjhup.exe

    Advertisements

Register to Remove

#2 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 12 November 2005 - 05:50 PM

Hello dunkard, welcome to the forum. Sorry about the delay in responding :( If you still need help, Scan again with HijackThis, and copy/paste" a new log file into this thread.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#3 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 12 November 2005 - 09:24 PM

I purchased Spyware Detector during the time that I was waiting for a response to my first post. It should have modified this list substantially. It appears that I still have some browser helper junk popping up on my computer. Please help.

Best regards,

dave.

NEW SCAN

Logfile of HijackThis v1.99.1
Scan saved at 10:17:44 PM, on 11/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\jgeh\vmfed.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\SpywareDetectorSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\WINDOWS\system32\SDSystemTray.exe
C:\Program Files\SpywareDetector\SDMonitor.exe
C:\WINDOWS\SYS98.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\??xplore.exe
C:\Program Files\rdso\eetu.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000000-0000-46B2-BEC5-E1505113AC70} - C:\Program Files\y2g8q898\y2g8q898.dll
O2 - BHO: (no name) - {00000000-0000-4C1F-AF1A-1FBF2C2E90FB} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: BHOPopupSmasher Class - {702EA91C-1ACF-4772-8078-18F2B2EE1031} - C:\WINDOWS\system32\BlockActivex.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: AdCom - {D7950AB4-67F5-458e-A37D-9F2DE7F250AC} - C:\WINDOWS\system32\AdCom.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ssglsk.exe reg_run
O4 - HKLM\..\Run: [itfm] C:\WINDOWS\system32\vvwavf\itfm.exe
O4 - HKLM\..\Run: [SystemTraySD] C:\WINDOWS\system32\SDSystemTray.exe
O4 - HKLM\..\Run: [MonitorSD] C:\Program Files\SpywareDetector\SDMonitor.exe
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\WINDOWS\system32\LiveUpdateSD.exe -AUTO
O4 - HKLM\..\Run: [vmfed] C:\WINDOWS\system32\jgeh\vmfed.exe
O4 - HKLM\..\Run: [YourMonitor] C:\WINDOWS\SYS98
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic Summarizer\CSAgent.exe" /thisismandatory
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Abdwa] C:\WINDOWS\system32\??xplore.exe
O4 - HKCU\..\Run: [adia] "C:\Program Files\rdso\eetu.exe" -vt rbnd
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt rbnd
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: http://cam.switch.ch
O15 - Trusted Zone: *.moc.sgninniwyzarc.emarf (HKLM)
O15 - Trusted Zone: *.moc.tsebadmwa (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternati.../00/alttiff.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akam...loadManager.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep....42037/sb02a.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: }E878F47EAB2C-658A-0F54-BCFA-14388A22{ - http://www.20x2p.com...70c94/enter.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: hllnoajayuhk - Unknown owner - C:\WINDOWS\system32\ayuhk\hllnoaj.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: itfmvvwavf - Unknown owner - C:\WINDOWS\system32\vvwavf\itfm.exe
O23 - Service: itloxelaobv - Unknown owner - C:\WINDOWS\system32\laobv\itloxe.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SpyDetectSVC - Max Secure Technologies - C:\WINDOWS\system32\SpywareDetectorSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: vmfedjgeh - Unknown owner - C:\WINDOWS\system32\jgeh\vmfed.exe
O23 - Service: yncjhupixyoa - Unknown owner - C:\WINDOWS\system32\ixyoa\yncjhup.exe

#4 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 12 November 2005 - 09:35 PM

Download this file from the link to your desktop.
http://www.mvps.org/.../DelDomains.inf

Right-click on the deldomains.inf file and select 'Install'

Once it is finished your Zones should be reset.

Note, if you use SpywareBlaster and/or IE/Spyads, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE/Spyads, run the batch file and reinstall the protection


Next:

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Then please run Ewido, click on the Scanner run a full scan and let it clean everything it finds. Save the logfile from the scan.


Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#5 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 11:04 AM

I have done what you asked me to do and the two scan results are pasted below.

Thanks you for your continuing help.

Best regards,

dave.


Logfile of HijackThis v1.99.1
Scan saved at 11:51:59 AM, on 11/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\jgeh\vmfed.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\SpywareDetectorSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\SDSystemTray.exe
C:\Program Files\SpywareDetector\SDMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\??xplore.exe
C:\Program Files\rdso\eetu.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000000-0000-46B2-BEC5-E1505113AC70} - C:\Program Files\y2g8q898\y2g8q898.dll (file missing)
O2 - BHO: (no name) - {00000000-0000-4C1F-AF1A-1FBF2C2E90FB} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: BHOPopupSmasher Class - {702EA91C-1ACF-4772-8078-18F2B2EE1031} - C:\WINDOWS\system32\BlockActivex.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: AdCom - {D7950AB4-67F5-458e-A37D-9F2DE7F250AC} - C:\WINDOWS\system32\AdCom.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [itfm] C:\WINDOWS\system32\vvwavf\itfm.exe
O4 - HKLM\..\Run: [SystemTraySD] C:\WINDOWS\system32\SDSystemTray.exe
O4 - HKLM\..\Run: [MonitorSD] C:\Program Files\SpywareDetector\SDMonitor.exe
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\WINDOWS\system32\LiveUpdateSD.exe -AUTO
O4 - HKLM\..\Run: [vmfed] C:\WINDOWS\system32\jgeh\vmfed.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic Summarizer\CSAgent.exe" /thisismandatory
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Abdwa] C:\WINDOWS\system32\??xplore.exe
O4 - HKCU\..\Run: [adia] "C:\Program Files\rdso\eetu.exe" -vt rbnd
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt rbnd
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternati.../00/alttiff.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akam...loadManager.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: }E878F47EAB2C-658A-0F54-BCFA-14388A22{ - http://www.20x2p.com...70c94/enter.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: hllnoajayuhk - Unknown owner - C:\WINDOWS\system32\ayuhk\hllnoaj.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: itfmvvwavf - Unknown owner - C:\WINDOWS\system32\vvwavf\itfm.exe
O23 - Service: itloxelaobv - Unknown owner - C:\WINDOWS\system32\laobv\itloxe.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SpyDetectSVC - Max Secure Technologies - C:\WINDOWS\system32\SpywareDetectorSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: vmfedjgeh - Unknown owner - C:\WINDOWS\system32\jgeh\vmfed.exe
O23 - Service: yncjhupixyoa - Unknown owner - C:\WINDOWS\system32\ixyoa\yncjhup.exe



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:41:16 AM, 11/13/2005
+ Report-Checksum: EC7CB84E

+ Scan result:

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{640B39C1-D713-464F-92C3-75BD972B95EE} -> Spyware.SideStep : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686} -> Spyware.YourSiteBar : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -> Spyware.MoneyTree : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0} -> Spyware.Webhancer : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\DNS -> Adware.Shorty : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp\ffffaaa -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp\iiii -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp\kkkk -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp\pppp -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-21-1005828819-1585953905-3904133661-1007\Software\share_bwp\ssss -> Spyware.BigWebPortal : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686} -> Spyware.YourSiteBar : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -> Spyware.MoneyTree : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0} -> Spyware.Webhancer : Cleaned with backup
C:\Documents and Settings\Administrator.D8MLHJ41\Cookies\administrator@linksynergy[2].txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Administrator.D8MLHJ41\Cookies\administrator@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Administrator.D8MLHJ41\Cookies\administrator@qksrv[2].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Administrator.D8MLHJ41\Cookies\administrator@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Administrator.D8MLHJ41\Local Settings\Temp\qdelwbi.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rikn.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@adbrite[1].txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@hypertracker[2].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@questionmarket[2].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@revenue[2].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@www.epilot[1].txt -> Spyware.Cookie.Epilot : Cleaned with backup
C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-421ef8d2-27001277.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5ef20017-54cad1f4.zip/Gummy.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\lf_16B4.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_16E4.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_184.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_1DBC.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_2C0.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_2E8.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_3E4.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_428.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_4A0.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_5DC.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_760.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_830.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_838.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_8F4.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_95C.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_AF0.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_BE8.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_C0.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_E08.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\lf_EC4.tmp -> TrojanDownloader.Dluca : Cleaned with backup
C:\Program Files\Dxnowaf\Xwhhjau.exe -> Trojan.Small.cy : Cleaned with backup
C:\Program Files\Hijackthis\backups\backup-20051015-090124-666.dll -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\Hijackthis\backups\backup-20051015-090125-413.dll -> Spyware.NewDotNet : Cleaned with backup
C:\Program Files\y2g8q898\i05vdprk.DLL -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\lk53ws89.DLL -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\n3qt8xtw.DLL -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\shdppp5m.DLL -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\y2g8q898.dll -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\y2g8q898.exe -> Backdoor.Ruledor.g : Cleaned with backup
C:\Program Files\y2g8q898\y2g8q8981\y2g8q8981.dll -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\y2g8q898\y2g8q8981\y2g8q8981.exe -> Spyware.ClearSearch : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\20051105054353.zip/WINDOWS/NDNuninstall6_90.exe -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\20051105054357.zip/WINDOWS/webhdll.dll -> Spyware.WebHancer : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\20051105054400.zip/WINDOWS/system32/activeds.exe -> Spyware.UrlSpy : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5A.tmp -> TrojanSpy.Globar.d : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5F.tmp -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq63.tmp -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6B.tmp -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6E.tmp -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq70.tmp -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq78.tmp -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq79.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7B.tmp -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7C.tmp -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7D.tmp -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD3C.tmp -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD3E.tmp -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD3F.tmp -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD41.tmp -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD42.tmp -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD43.tmp -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD44.tmp -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD45.tmp -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD46.tmp -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD48.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD49.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD4A.tmp -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD50.tmp -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD51.tmp -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD52.tmp -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD53.tmp -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD54.tmp -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD55.tmp -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD56.tmp -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD57.tmp -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\RECYCLER\NPROTECT\00475909.EXE -> Spyware.Maxifiles : Cleaned with backup
C:\RECYCLER\NPROTECT\00475910.exe -> Spyware.Maxifiles : Cleaned with backup
C:\RECYCLER\NPROTECT\00475917.exe -> Spyware.Pacer : Cleaned with backup
C:\RECYCLER\NPROTECT\00475919.exe -> Spyware.Pacer : Cleaned with backup
C:\RECYCLER\NPROTECT\00475920.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\RECYCLER\NPROTECT\00475922.dat -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\RECYCLER\NPROTECT\00475970.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475971.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475972.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475973.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475974.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475975.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475976.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475977.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475978.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475979.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475982.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475984.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475985.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475991.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475992.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475993.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475994.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475996.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475997.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475998.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00475999.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476028.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476029.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476030.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476031.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476032.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476034.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476037.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476039.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476040.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476041.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476043.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476052.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476063.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476065.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476067.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476068.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476070.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476073.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476075.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476076.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476077.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476079.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476081.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476082.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476083.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476084.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476085.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476086.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476087.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476088.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476089.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476090.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476091.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00476333.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00476334.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00476335.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00476336.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00476337.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00476415.TXT -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\RECYCLER\NPROTECT\00476416.TXT -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\RECYCLER\NPROTECT\00476417.TXT -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\RECYCLER\NPROTECT\00476425.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476426.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476427.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476428.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476502.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476503.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476504.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476505.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476506.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476507.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00476508.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477103.dat -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\RECYCLER\NPROTECT\00477400.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477401.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477402.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477403.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477404.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477406.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477407.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477408.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477505.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477506.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477507.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477508.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477509.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477510.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477511.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477515.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477516.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477517.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477518.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477696.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477697.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477698.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477701.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477704.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477705.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477707.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477708.TXT -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\RECYCLER\NPROTECT\00477713.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477715.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477716.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477717.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477722.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477723.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477724.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477758.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477759.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477760.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477761.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477762.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00477763.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477764.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477765.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477766.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477767.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477768.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477769.TXT -> Spyware.Cookie.Falkag : Cleaned with backup
C:\RECYCLER\NPROTECT\00477792.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477794.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477796.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477797.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477799.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477820.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477822.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477824.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00477825.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00478067.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00478068.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00478069.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00478070.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00478071.TXT -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\RECYCLER\NPROTECT\00478073.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00478074.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00478075.TXT -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP532\A0059994.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP532\A0059995.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP532\A0059996.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060060.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060061.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060062.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060102.exe -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060103.dll -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060105.dll -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060108.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060109.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060111.exe -> Spyware.MediaTickets : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060124.exe -> Spyware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060128.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060132.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060133.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060167.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060168.ocx -> Spyware.MediaMotor : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060171.exe -> Spyware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060716.dll -> Trojan.EliteBar.c : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060722.exe -> Spyware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060724.exe -> Spyware.SafeSurfing : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060725.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060740.exe -> Spyware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060741.dll -> Spyware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060753.exe -> Spyware.CASClient : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060754.dll -> Spyware.CASClient : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060756.exe -> Spyware.WinAD : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060761.exe -> TrojanDownloader.VB.hj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060762.exe -> TrojanDownloader.VB.hw : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060763.exe -> Trojan.Small.cy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060764.exe -> TrojanDropper.Agent.mu : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060765.exe -> Trojan.Small.cy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060766.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060767.exe/WhAgent.exe -> Spyware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060769.exe -> TrojanDropper.Agent.xw : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0060776.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0061971.dll -> TrojanDownloader.Dyfuca.dt : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0061972.exe -> TrojanDownloader.Dyfuca.dp : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0061973.exe -> TrojanDownloader.Dyfuca.dp : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063021.dll -> Trojan.EliteBar.c : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063055.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063068.exe -> Spyware.WinAD : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063070.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063165.dll -> Spyware.SurfSide : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063171.exe -> Spyware.SurfSide : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063173.dll -> Spyware.SurfSide : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063174.dll -> Spyware.SurfSide : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063198.exe -> Adware.Saha : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063426.exe -> Spyware.Xupiter : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063427.exe -> TrojanDownloader.TSUpdate.k : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063428.exe -> TrojanDownloader.TSUpdate.j : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063429.exe -> TrojanDownloader.TSUpdate.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063634.exe -> TrojanDownloader.VB.jl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063645.exe -> TrojanDownloader.Small.abd : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0063661.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064085.dll -> Spyware.YourSiteBar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064102.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064104.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064119.exe -> Spyware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064121.dll -> Spyware.HotSearchBar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064140.exe -> TrojanDownloader.Agent.lg : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064142.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064143.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064145.EXE -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064148.exe -> TrojanDownloader.Agent.lg : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064149.dll -> TrojanDownloader.Small : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064150.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064151.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064157.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064161.exe -> Adware.CommAd : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064162.dll -> Spyware.CommAd : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064167.exe -> TrojanDownloader.Small.abd : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064168.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064169.exe -> Spyware.ISearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064171.exe -> TrojanDownloader.Agent.qg : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064177.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064178.exe -> Spyware.MediaMotor : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064180.exe -> TrojanDownloader.VB.jl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064181.exe -> TrojanDownloader.Small.abd : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064182.exe -> TrojanDropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064189.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064192.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064194.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064200.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064481.exe -> Spyware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064543.dll -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064544.exe -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064553.exe -> Spyware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064649.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064657.exe -> Spyware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064660.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064661.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064662.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064683.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064698.exe -> Spyware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064724.dll -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064725.exe -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064731.dll -> Spyware.180Solutions : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064735.dll -> Spyware.ClearSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP533\A0064736.DLL -> Spyware.ClearSearch : Cleaned with backup<

#6 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 11:08 AM

continuation of previous post \A0067896.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067897.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067902.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067904.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067917.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067935.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0067936.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0068860.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0068865.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069865.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069907.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069908.exe -> TrojanDownloader.VB.jl : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069911.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069915.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069916.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069918.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069972.ocx -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069974.exe -> Adware.SaveNow : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0069983.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070065.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070067.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070860.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070865.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070890.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070897.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070898.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070899.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070903.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070904.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070906.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070913.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070920.ocx -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070931.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070932.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070942.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070946.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070948.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070949.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070950.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070976.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070981.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0070986.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071006.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071013.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071048.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071079.ocx -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071088.exe/WhAgent.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071136.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071139.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071140.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071141.exe -> Adware.BetterInternet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071147.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071149.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071150.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071157.exe -> TrojanDownloader.Dyfuca.dp : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071158.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071159.exe -> TrojanDownloader.Dyfuca.dp : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071161.exe -> Spyware.NewDotNet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071162.exe -> Adware.NewDotNet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071164.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071166.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071167.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071169.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071170.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071173.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071174.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071176.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071216.exe -> Spyware.NewDotNet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071217.dll -> TrojanDownloader.Dyfuca : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071225.dll -> Spyware.NewDotNet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071233.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071235.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071238.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071241.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071244.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071252.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071412.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071413.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071426.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071519.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071522.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071525.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071527.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071528.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071529.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071530.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071531.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071532.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071533.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071534.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071535.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071536.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071537.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071538.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071539.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071541.exe -> TrojanDownloader.Dluca.bp : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0071938.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072017.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072022.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072034.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072042.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072043.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072044.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072045.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072049.exe -> TrojanDownloader.Agent.rv : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072054.exe -> Spyware.Delfin : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072055.exe -> Spyware.DelphinMediaViewer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072056.exe -> TrojanDownloader.Small.abd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072057.exe -> TrojanDownloader.Small.abd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072058.exe -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072059.exe -> TrojanDownloader.TSUpdate.k : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072060.EXE -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072061.exe -> TrojanDownloader.TSUpdate.l : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072062.exe -> TrojanDownloader.TSUpdate.j : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072118.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072122.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072124.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072131.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072132.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072133.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072138.dll -> TrojanDownloader.Small : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0072139.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073121.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073122.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073128.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073129.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073132.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073134.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073135.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073138.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073140.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073144.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073145.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073236.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073240.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073252.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073253.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073254.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073270.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073271.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073272.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073277.dll -> TrojanDownloader.Small : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073278.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073280.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073293.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073294.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073295.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073297.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073313.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073318.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073320.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073323.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073356.exe -> Spyware.PurityScan : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073358.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073359.exe -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073361.exe -> TrojanDownloader.Qoologic.al : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073366.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073367.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073368.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073369.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073370.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073527.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073528.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073529.dll -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073530.DLL -> Spyware.ClearSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073532.EXE -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073537.exe -> TrojanDownloader.TSUpdate.l : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073538.exe -> TrojanDownloader.TSUpdate.j : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073539.exe -> TrojanDownloader.TSUpdate.k : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073540.exe -> Spyware.Xupiter : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073545.EXE -> Spyware.WinAD : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073549.EXE -> Adware.Saha : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073555.exe -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073557.ocx -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073558.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073559.exe -> Spyware.MediaMotor : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073560.exe -> TrojanDownloader.Small.abd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073562.exe -> TrojanDownloader.Agent.qg : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073563.exe -> TrojanDownloader.Small.abd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073565.ocx -> Spyware.Delfin : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073566.dll -> Spyware.DelphinMedia.Viewer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073567.exe -> Spyware.Delfin : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073568.dll -> Spyware.HotSearchBar : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073569.exe -> Adware.SAHA : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073572.dll -> TrojanDownloader.Small : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073577.exe -> Spyware.DelphinMediaViewer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073578.exe -> TrojanDownloader.Small.abd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073580.EXE/WhAgent.exe -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073581.EXE -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073582.dll -> TrojanDownloader.Dyfuca.dt : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073647.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073648.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073649.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073650.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073651.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0073719.EXE -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074248.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074249.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074250.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074251.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074252.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074828.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074829.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074830.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074831.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074832.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074862.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0074901.EXE -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0075106.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0075107.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0075108.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0075894.exe -> TrojanDownloader.VB.hw : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076545.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076546.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076547.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076548.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076549.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076550.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076551.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076552.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076553.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076554.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076555.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076556.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076557.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076558.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076559.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076560.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076561.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076562.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076563.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076564.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076565.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076566.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076567.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076568.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076569.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076570.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076571.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076572.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076573.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076574.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076575.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076576.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076577.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076578.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076579.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076580.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076581.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076582.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076583.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076584.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076585.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076586.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076587.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076588.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076589.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076590.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076591.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076592.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076593.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076594.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076595.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076596.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076597.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076598.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076599.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076600.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076601.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076602.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076603.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076605.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076606.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076607.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076608.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076609.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076610.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076611.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076612.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076613.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076614.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076615.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076616.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076617.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076618.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076619.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076620.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076621.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076622.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076623.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076624.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076625.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076626.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076627.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076628.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076629.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076630.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076631.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076632.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076633.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076634.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076635.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076636.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076637.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076638.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076639.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076640.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076641.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076642.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076643.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076644.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076645.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076646.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076647.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076648.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076649.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076650.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076651.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076652.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076653.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076654.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076655.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076656.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076657.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076658.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076659.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076660.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076661.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076662.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076663.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076664.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076665.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076666.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076667.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076668.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076669.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076670.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076671.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076672.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076673.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076674.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076675.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076676.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076677.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076678.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076679.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076680.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076681.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076682.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076683.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076684.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076685.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076686.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076687.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076688.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076689.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076690.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076691.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076692.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076693.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076694.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076695.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076696.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076697.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076698.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076699.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076700.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076701.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076702.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076703.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076704.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076705.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076706.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076707.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076708.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076709.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076710.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076711.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076712.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076713.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076714.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076715.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076716.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076717.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076718.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076719.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076720.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_rest

#7 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 11:11 AM

\A0076895.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076896.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076897.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076898.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076899.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076900.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076901.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076902.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076903.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076904.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076905.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076906.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076907.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076908.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076909.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076910.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076911.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076914.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076917.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076918.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076919.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076920.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076921.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076922.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076923.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076925.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0076926.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077456.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077457.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077458.exe -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077459.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077463.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077464.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077465.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077466.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077467.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077503.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077504.exe -> Adware.CommAd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077508.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077509.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077510.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077511.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077592.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077593.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077594.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077595.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077596.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077770.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077771.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077772.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077773.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077774.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077780.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077781.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077782.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077783.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077784.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077978.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077979.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077980.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077981.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0077982.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078759.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078760.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078761.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078762.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078767.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078827.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078828.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078829.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078830.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078831.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078884.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078885.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078886.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078887.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP537\A0078888.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079213.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079214.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079215.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079216.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079217.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079703.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079704.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079705.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079706.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079708.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079974.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079975.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079976.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079977.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0079982.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080037.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080038.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080039.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080040.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080041.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080072.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080073.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080075.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080076.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080077.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080097.DLL -> Spyware.SideSearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080098.exe -> Trojan.Pakes : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080119.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080120.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080121.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080122.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080123.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080124.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080134.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080234.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080235.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080259.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080260.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080261.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080267.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080268.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080269.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080270.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080271.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080272.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080273.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080274.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080275.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080276.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080278.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080279.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080280.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080281.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080282.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080285.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080288.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080289.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080302.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080313.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080315.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080316.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080317.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080318.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080319.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080320.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080321.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080322.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080323.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080324.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080325.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080326.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080327.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080328.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080329.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080330.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080331.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080332.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080333.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080334.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080335.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080336.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080337.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080338.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080339.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080340.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080341.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080342.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080343.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080344.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080349.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080350.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080351.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080352.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080353.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080354.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080355.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080370.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080371.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080372.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080373.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080374.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080377.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080383.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080388.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080456.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080458.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080459.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080460.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080461.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080462.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080463.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080464.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080486.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080487.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080488.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080489.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080490.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080491.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080514.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080527.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080529.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080653.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080654.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080656.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080657.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080658.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080745.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080746.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080747.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080748.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080749.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080750.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080751.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080752.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080753.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080754.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080755.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080857.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080871.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080873.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080874.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080875.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080877.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080878.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080879.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080880.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080881.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080882.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080883.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080884.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080885.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080886.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080887.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080888.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080889.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080890.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080891.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080892.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080893.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080894.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080895.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080896.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080897.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080898.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080899.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080900.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080901.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080902.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080906.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080907.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080908.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080909.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080978.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080979.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080980.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080981.EXE -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080996.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0080997.exe -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081004.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081005.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081006.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081011.EXE -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081013.dll -> Spyware.CASClient : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081027.EXE -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081028.dll -> Spyware.CommAd : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081030.exe -> TrojanDropper.Agent.xw : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081032.EXE -> TrojanDownloader.VB.jl : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081033.EXE -> Spyware.ISearch : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081034.dll -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081035.dll -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081036.dll -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081037.dll -> Spyware.VirtualBouncer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081039.cpl -> TrojanDownloader.Qoologic.ad : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081040.dll -> TrojanDownloader.Small : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081046.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081047.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081049.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081055.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081059.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081060.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081061.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081062.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081063.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081065.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081082.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081087.exe -> Adware.EZula : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081109.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081110.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081111.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081112.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081113.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081352.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081353.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081354.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081355.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081370.dll -> Adware.eZula : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081390.dll -> Adware.eZula : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081408.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081409.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081410.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081411.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP538\A0081412.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081612.exe -> Adware.Saha : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081613.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081614.dll -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081615.exe -> Spyware.SurfSide : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081620.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081621.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081622.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081626.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP540\A0081627.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP541\A0083616.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP541\A0083617.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP541\A0083618.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP541\A0083619.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP541\A0083620.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0083766.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0083767.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0083768.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0083769.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0084645.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0084646.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0084647.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0084648.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP543\A0084649.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084861.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084863.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084866.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084867.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084868.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084872.DLL -> Spyware.SafeSurfing : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084894.exe -> Spyware.SafeSurfing : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0084899.dll -> Spyware.SafeSurfing : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085301.exe -> Adware.Saha : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085307.exe -> Adware.SaveNow : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085308.dll -> Adware.BetterInternet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085309.exe -> TrojanDownloader.VB.if : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085373.dll -> TrojanSpy.Globar.d : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085375.EXE -> Adware.NewDotNet : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085376.dll -> Spyware.WebHancer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085377.exe -> Spyware.UrlSpy : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085452.dll -> Adware.Saha : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085500.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085501.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085502.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085503.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP544\A0085504.exe -> Spyware.Maxifiles : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP545\A0085956.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP545\A0085957.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP545\A0085958.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP545\A0085959.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086036.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086037.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086038.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086039.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086141.exe -> Spyware.Pacer : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086151.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086152.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086154.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086155.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086229.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086231.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086232.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086234.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086396.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086397.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086398.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086399.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086425.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086426.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086427.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086428.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086513.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086515.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086517.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP546\A0086518.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\COMSETUP.LOG:jdxug -> TrojanDownloader.Agent.bq : Cleaned with backup C:\WINDOWS\CopernicSummarizerUninstall.exe:ceiza -> Backdoor.Small.dc : Cleaned with backup C:\WINDOWS\CopernicSummarizerUninstall.exe:ceizat -> Backdoor.Small.dc : Cleaned with backup C:\WINDOWS\ICG32.DLL:jizvpo -> Spyware.OneMoreSearch : Cleaned with backup C:\WINDOWS\KB823182.log:pegdc -> TrojanDownloader.Small.ajr : Cleaned with backup C:\WINDOWS\ru.exe -> Spyware.PurityScan : Cleaned with backup C:\WINDOWS\SYS98.exe -> Trojan.VB.tg : Cleaned with backup C:\WINDOWS\SYSTEM32\AdCom186.exe -> Spyware.UrlSpy : Cleaned with backup C:\WINDOWS\SYSTEM32\adcomplusanalytic.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\allinone.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\app2bundle.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\blizex6.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\CAPESNPN.exe -> Spyware.UrlSpy : Cleaned with backup C:\WINDOWS\SYSTEM32\cashplusmedia1.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\cwpggva\nbctmnp.exe -> TrojanDownloader.Agent.lg : Cleaned with backup C:\WINDOWS\SYSTEM32\dipain.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\dmnbmco.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\eanja.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\eetu.exe -> Spyware.PurityScan : Cleaned with backup C:\WINDOWS\SYSTEM32\exe.1foSP -> Spyware.Pacer : Cleaned with backup C:\WINDOWS\SYSTEM32\fsjssdg.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\ihrsx.exe -> Spyware.DealHelper : Cleaned with backup C:\WINDOWS\SYSTEM32�

#8 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 11:19 AM

It did not look like the previous page went to the end of my session. Here is the end of the EWIDO scan C:\WINDOWS\COMSETUP.LOG:jdxug -> TrojanDownloader.Agent.bq : Cleaned with backup C:\WINDOWS\CopernicSummarizerUninstall.exe:ceiza -> Backdoor.Small.dc : Cleaned with backup C:\WINDOWS\CopernicSummarizerUninstall.exe:ceizat -> Backdoor.Small.dc : Cleaned with backup C:\WINDOWS\ICG32.DLL:jizvpo -> Spyware.OneMoreSearch : Cleaned with backup C:\WINDOWS\KB823182.log:pegdc -> TrojanDownloader.Small.ajr : Cleaned with backup C:\WINDOWS\ru.exe -> Spyware.PurityScan : Cleaned with backup C:\WINDOWS\SYS98.exe -> Trojan.VB.tg : Cleaned with backup C:\WINDOWS\SYSTEM32\AdCom186.exe -> Spyware.UrlSpy : Cleaned with backup C:\WINDOWS\SYSTEM32\adcomplusanalytic.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\allinone.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\app2bundle.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\blizex6.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\CAPESNPN.exe -> Spyware.UrlSpy : Cleaned with backup C:\WINDOWS\SYSTEM32\cashplusmedia1.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\cwpggva\nbctmnp.exe -> TrojanDownloader.Agent.lg : Cleaned with backup C:\WINDOWS\SYSTEM32\dipain.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\dmnbmco.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\eanja.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\eetu.exe -> Spyware.PurityScan : Cleaned with backup C:\WINDOWS\SYSTEM32\exe.1foSP -> Spyware.Pacer : Cleaned with backup C:\WINDOWS\SYSTEM32\fsjssdg.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\ihrsx.exe -> Spyware.DealHelper : Cleaned with backup C:\WINDOWS\SYSTEM32\kwefw.dll -> TrojanDownloader.Qoologic.ak : Cleaned with backup C:\WINDOWS\SYSTEM32\lorioko.dll -> TrojanDownloader.Qoologic.af : Cleaned with backup C:\WINDOWS\SYSTEM32\medgs1.exe -> Spyware.Hijacker.Generic : Cleaned with backup C:\WINDOWS\SYSTEM32\MediaGateway.exe -> Spyware.WinAD : Cleaned with backup C:\WINDOWS\SYSTEM32\mѕconfig.exe -> Spyware.PurityScan : Cleaned with backup C:\WINDOWS\SYSTEM32\NNSCAA638.EXE -> Spyware.NewDotNet : Cleaned with backup C:\WINDOWS\SYSTEM32\oins.exe -> Spyware.MediaTickets : Cleaned with backup C:\WINDOWS\SYSTEM32\qool3.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\sav2.exe -> TrojanDownloader.Agent.vp : Cleaned with backup C:\WINDOWS\SYSTEM32\ssglsk.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\SSK3_B5 Seedcorn 4.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\uci.exe -> TrojanDropper.Agent.hl : Cleaned with backup C:\WINDOWS\SYSTEM32\wkapk.dat -> TrojanDownloader.Qoologic.ac : Cleaned with backup C:\WINDOWS\SYSTEM32\yoto\uuceuh.exe -> TrojanDownloader.Agent.lg : Cleaned with backup C:\WINDOWS\SYSTEM32\ysystt2d.exe -> Spyware.ZenoSearch : Cleaned with backup C:\WINDOWS\SYSTEM32\yxcmenos\howv.exe -> TrojanDownloader.Agent.lg : Cleaned with backup C:\WINDOWS\Temp\99_app99.exe -> TrojanDropper.Agent.xw : Cleaned with backup C:\WINDOWS\Temp\Cookies\system@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup C:\WINDOWS\UNWISE.EXE:eugdnl -> TrojanDownloader.Small.ajr : Cleaned with backup ::Report End

#9 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 13 November 2005 - 01:11 PM

You might want to print this out.


Go to Start > Run and type in Services.msc then click OK

Click the Extended tab.

Scroll down until you find hllnoajayuhk

Click once on the service to highlight it.

Click Stop

Right-Click on the service.

Click on 'Properties'

Select the 'General' tab

Click the Arrow-down tab on the right-hand side on the 'Start-up Type' box

From the drop-down menu, click on 'Disabled'

Click the 'Apply' tab, then click 'OK'

The service is now stopped and disabled.


Do the same for all of these:
itfmvvwavf
itloxelaobv
vmfedjgeh
yncjhupixyoa


Run HiJackThis then:

1. Click "Config..."
2. Click "Misc Tools"
3. Click "Delete a NT Service"

In the Delete window, enter, hllnoajayuhk and press OK.
Do the same for all of these: itfmvvwavf, itloxelaobv, vmfedjgeh and yncjhupixyoa

OK any prompts,

close HijackThis,




Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Clear "Hide file extensions for known file types."
Under the "Hidden files" folder, select "Show hidden files and folders."
Clear "Hide protected operating system files."
Click Apply, and then click OK.


Please do not delete anything unless instructed to.



Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {00000000-0000-46B2-BEC5-E1505113AC70} - C:\Program Files\y2g8q898\y2g8q898.dll (file missing)

O2 - BHO: (no name) - {00000000-0000-4C1F-AF1A-1FBF2C2E90FB} - (no file)

O2 - BHO: BHOPopupSmasher Class - {702EA91C-1ACF-4772-8078-18F2B2EE1031} - C:\WINDOWS\system32\BlockActivex.dll

O2 - BHO: AdCom - {D7950AB4-67F5-458e-A37D-9F2DE7F250AC} - C:\WINDOWS\system32\AdCom.dll

O4 - HKLM\..\Run: [itfm] C:\WINDOWS\system32\vvwavf\itfm.exe

O4 - HKLM\..\Run: [vmfed] C:\WINDOWS\system32\jgeh\vmfed.exe

O4 - HKCU\..\Run: [Abdwa] C:\WINDOWS\system32\??xplore.exe

O4 - HKCU\..\Run: [adia] "C:\Program Files\rdso\eetu.exe" -vt rbnd

O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt rbnd

O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE

O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternati.../00/alttiff.cab

O16 - DPF: }E878F47EAB2C-658A-0F54-BCFA-14388A22{ - http://www.20x2p.com...70c94/enter.cab

O23 - Service: hllnoajayuhk - Unknown owner - C:\WINDOWS\system32\ayuhk\hllnoaj.exe

O23 - Service: itfmvvwavf - Unknown owner - C:\WINDOWS\system32\vvwavf\itfm.exe

O23 - Service: itloxelaobv - Unknown owner - C:\WINDOWS\system32\laobv\itloxe.exe

O23 - Service: vmfedjgeh - Unknown owner - C:\WINDOWS\system32\jgeh\vmfed.exe

O23 - Service: yncjhupixyoa - Unknown owner - C:\WINDOWS\system32\ixyoa\yncjhup.exe

Close ALL windows and browsers except HijackThis and click "Fix checked"





Restart in Safe Mode:
Restart your computer.

Press F8 after the Power-On Self Test (POST) is done. If the Windows Advanced Options Menu does not appear, try restarting and then pressing F8 several times after the POST screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.



delete these folders if listed:
C:\WINDOWS\system32\vvwavf
C:\WINDOWS\system32\jgeh
C:\Program Files\rdso
C:\WINDOWS\system32\ayuhk
C:\WINDOWS\system32\laobv


delete these files if listed:
C:\WINDOWS\system32\??xplore.exe <--Be very careful with this one. ONLY delete this file with the two ?? if listed.



Open C:\Windows\Prefetch\ Delete ALL files in this folder.



Do this also if these Temp Folders are part of your OS.

Also in safe mode navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.


Next navigate to the C:\Documents and Settings\(EVERY LISTED PROFILE USER)\Local Settings\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Finally go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.


Empty the Recycle Bin

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#10 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 03:13 PM

Dear LDTate,

Thank you very much as what you asked me to do appears to have resolved my issues with windows opening for everything imaginable. I'm using Norton Antivirus and Spyware Detector now with the Microsoft firewall. Is this sufficient to keep me out of trouble for a while? I have been living with all of this "stuff" for quite a while. Your instructions were great! I'll certainly be making a donation to TomCoyote. I'm thinking $40, which is what I spent on the Spyware Detector.

Any additional advise would be greatly appreciated.

Best regards,

dave.






Logfile of HijackThis v1.99.1
Scan saved at 3:56:47 PM, on 11/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\SDSystemTray.exe
C:\Program Files\SpywareDetector\SDMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\SpywareDetectorSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -

C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} -

C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN

Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -

C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -

C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH

Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft

Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH

Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH

Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec

Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec

Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1

\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05

\bin\jusched.exe
O4 - HKLM\..\Run: [SystemTraySD] C:\WINDOWS\system32\SDSystemTray.exe
O4 - HKLM\..\Run: [MonitorSD] C:\Program Files\SpywareDetector\SDMonitor.exe
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\WINDOWS\system32\LiveUpdateSD.exe -

AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"

/background
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic

Summarizer\CSAgent.exe" /thisismandatory
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe

-quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton

SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program

Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program

files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program

Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program

files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program

Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer -

C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program

files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program

Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!

\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!

\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-

00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} -

C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} -

C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-

AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -

C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} -

C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} -

C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} -

C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2

-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-

00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import

ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage

Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus

scanner) -

http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -

http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX

Plug-in) - http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) -

http://download.akam...ode/IE_1070/Dow

nloadManager.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility

Class) -

http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai...icro.com/housec

all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -

http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

(MsnMessengerSetupDownloadControl Class) -

http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec

Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program

Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program

Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec

Corporation - C:\Program Files\Norton SystemWorks\Norton

AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec

Corporation - C:\Program Files\Norton SystemWorks\Norton

Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -

C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec

Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SpyDetectSVC - Max Secure Technologies - C:\WINDOWS\system32

\SpywareDetectorSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

:D :D

    Advertisements

Register to Remove

#11 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 13 November 2005 - 03:29 PM

Backup your Registry...
- Press "CTRL - ALT - DEL" keys all at the same time to start "Task Manager"
- In the Task Manager window click on "File", then from the drop-down menu select "New Task (Run...)"
- In the "Create New Task" window enter\type "regedit" (without quotes)
- Once Regedit opens click on the FILE menu and select Export
- Save the file as backup. Save the file somewhere you will remember and not delete.
IMPORTANT: make sure to set the export range to ALL



I recommend you download RegSeeker. Extract it to it's own folder, open and double click RegSeeker.exe to start the program. Maximize the window and click clean registry. Check all sections and click OK. When the scan is complete, verify the backup box in lower left corner is checked and click the select all button, then select all again. Then right click within the search results and select delete. Run it again and again, deleting everything it finds until it finds nothing. Reboot and make sure your programs are working properly, control panel and add/remove programs windows open, etc (basically just do a quick check of everything). In the event anything was 'broken', you can open RegSeeker, click backups and double click any/all files to put the information back. A reboot may be required for the effects to be seen. Reboot When done.


Post a new HJT log and please uncheck Wordwrap in Notepad.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#12 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 05:43 PM

Dear LDTate,

I had a couple of casino windows open up before I did the last set of tasks.

Had four registry items that would not delete.

Here is the HJT with wordwrap off.

Everything seems to work OK and much faster.

Best regards,

dave.


Logfile of HijackThis v1.99.1
Scan saved at 6:39:05 PM, on 11/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\SDSystemTray.exe
C:\Program Files\SpywareDetector\SDMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\SpywareDetectorSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\HijackThis.exe
C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SystemTraySD] C:\WINDOWS\system32\SDSystemTray.exe
O4 - HKLM\..\Run: [MonitorSD] C:\Program Files\SpywareDetector\SDMonitor.exe
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\WINDOWS\system32\LiveUpdateSD.exe -AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic Summarizer\CSAgent.exe" /thisismandatory
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akam...loadManager.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SpyDetectSVC - Max Secure Technologies - C:\WINDOWS\system32\SpywareDetectorSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#13 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 13 November 2005 - 06:13 PM

Max Secure Spyware Detector, bogus "Spyware remover" - for more information, search the Spywarewarrior_List of non-Recommended anti parasite sites/software for "spywaredetector.net"
http://www.spywarewa...nti-spyware.htm

Use Add/Remove Programs and remove:
SpywareDetector


I suggest you do this:

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

O4 - HKLM\..\Run: [MonitorSD] C:\Program Files\SpywareDetector\SDMonitor.exe

Close ALL windows and browsers except HijackThis and click "Fix checked"


Empty Recycle Bin

Reboot and "copy/paste" a new log file into this thread.
Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#14 dunkard

dunkard

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 13 November 2005 - 09:32 PM

Dear LDTate,

My system shuts down now when I ask it to shut down and it is fast. It also comes up fast and has not shown any surprize windows. I ditched Spyware Detector and will try to get my money back. I found it recommended on this TomCoyote site, so I thought that it must be good. See the upper left box where it compares anti spyware at www.pctools.com. SD came out ahead of the other four tools with a perfect score of all possible stars.

Now I think that I can get on with the rest of my life once you say OK to this HJT log.

Best regards,

dave.

Logfile of HijackThis v1.99.1
Scan saved at 10:21:37 PM, on 11/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Copernic Summarizer\CSAgent.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\My Documents\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [mm_server] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CopernicSummarizerWatchdog] "C:\Program Files\Copernic Summarizer\CSAgent.exe" /thisismandatory
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Summarize Using Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Summarize - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra 'Tools' menuitem: Summarize Using Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~2\COPERN~2.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com...stall/AxCtp.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akam...loadManager.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera.primor...sCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#15 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 13 November 2005 - 09:38 PM

Good Job :thumbup:


Log looks good :D :thumbup: How is it running any issues?

Note: This will remove all previous Restore Points

Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn it back on.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Remove the Check Turn off System Restore.
Click Apply, and then click OK.

Click Start> My Computer, select the Tools menu and then Folder Options, after the new window appears select the View tab…]
This time select the: Restore Defaults
Select: Apply, and click OK




If you dont have these three programs I would recommend that you get them. Spywareblaster, Spywareguard and IESPY AD. They will add 1000's of sites to your resticted zone and block some hijacks from happening. I also have a FREE FIREWALL and FREE ANTI VIRUS if you need one.

It is critical to have both a firewall and anti virus to protect your system.

Keep your system up to date and run Adaware & Spybot, once a week works, and hopefully you will be ok from here on. Both are available below.

Safe Surfing. :D

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·