Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT log


  • Please log in to reply
5 replies to this topic

#1 angel_eyz

angel_eyz

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 07 September 2005 - 06:44 PM

My brother contacted me about a problem with his (my parent's) computer. Something called SIXA dialer takes over his internet connection. We ran Norton Anti Virus, AVG Anti Virus, Spy Sweeper, Ad Aware SE, and Spybot S&D. It just keeps coming back. From what I have gathered from the little info there is out there, this dialer racks up your phone bill with 900 numbers. So any help to spare my parents from a high phone bill and no access to internet would be great. This is my first time posting and I don't have advanced computer knowledge, so the more detailed the directions on how to fix this problem the better.

Thanks
Shawna


Here is the Hijack This log from their computer:

Logfile of HijackThis v1.99.1
Scan saved at 6:40:40 PM, on 9/6/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\netinfo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\pait\lnmr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\nzxcp.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr52.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKLM\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKLM\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKLM\..\Run: [<A HREF="http://www.gandi.net/">GANDI</A> then par] c:\WINDOWS\System32\<A HREF="http://www.gandi.net/">GANDI</A> then parked.
O4 - HKLM\..\Run: [</B] c:\WINDOWS\System32\</BODY>
O4 - HKLM\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKLM\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKLM\..\Run: [Dzzuoq] C:\Program Files\Hcge\Kwbfy.exe
O4 - HKLM\..\Run: [Nwjonh] C:\Program Files\Ljxpu\Tfees.exe
O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitemwb32.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msmc.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKLM\..\RunServices: [MDN] MDNS.exe
O4 - HKLM\..\RunServices: [PPPOEO] pingppac.exe
O4 - HKLM\..\RunServices: [MediaXPServicePack] mxpsp.exe
O4 - HKLM\..\RunServices: [CPU Temp Control] wuitgurd.exe
O4 - HKLM\..\RunServices: [Internet Explorer 7] i8.exe
O4 - HKCU\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKCU\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKCU\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\}
O4 - HKCU\..\Run: [<A HREF="http://www.gandi.net/">GANDI</A> then par] c:\WINDOWS\System32\<A HREF="http://www.gandi.net/">GANDI</A> then parked.
O4 - HKCU\..\Run: [</B] c:\WINDOWS\System32\</BODY>
O4 - HKCU\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKCU\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKCU\..\Run: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKCU\..\Run: [Micr Update] soundblaster.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Arue] C:\Program Files\pait\lnmr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunServices: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKCU\..\RunServices: [MediaXPServicePack] mxpsp.exe
O4 - HKCU\..\RunServices: [Internet Explorer 7] i8.exe
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Dial 4.0\ControlPad\Misc\a_menu.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {666DDE35-E955-11D0-A707-000000521958} - http://69.56.176.227/webplugin.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C852B12E-3F08-4099-AF8E-32FD327B88EA} (msnloader Class) - http://rockstar.messenger.msn.com/rockstar.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: netinfo - Unknown owner - C:\WINDOWS\netinfo.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\UpdateXP6.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows Mess Service - Unknown owner - C:\WINDOWS\winmsd.exe
O23 - Service: Remote Procedure Call (RPC) Helper (%AF) - Unknown owner - C:\WINDOWS\system32\mfciq.exe (file missing)

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:59 PM

Posted 09 September 2005 - 11:49 AM

Wow this is a mess :thumbsup: Quite a few infections here. I will tackle some with this step and then we will clean up the rest:


Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

First:
Please download ewido security suite it is a trial version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
http://www.ewido.net/en/download/updates/

Once the updates are installed close the Ewido program.

Reboot your computer into Safe Mode

Once in safe mode, start Ewido and do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • While the scan is in progress you will be prompted to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report.txt file to your desktop.
Now close ewido security suite.

Reboot back to normal mode, open report.txt and post it as a reply to this post along with a new hijackthis log.

#3 angel_eyz

angel_eyz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 20 September 2005 - 08:15 PM

Sorry it took a while to reply, but I have to find time to drive to my brother's house and run these programs on his computer then come back home to use my working internet connection, since his is disabled. I ran Ewido Security Suite and it found 884 infections! Since I ran this program, I get a System Configuration Utility dialog box when I start Windows. The message says "You have used the System Configuration Utility to make changes to the way Windows starts. The Sys. Config. Util. is currently in Diagnostic or Selective Startup mode causing this message to be displayed and the utility to run everytime Windows starts. Choose normal startup on the General Tab to start Windows normally and undo the changes made in System Configuration Utility." I'm not sure what to do here. If I choose to start windows normally won't it undo everything that Ewido fixed? I would appreciate any advice you have on this. Also, here is the report from the Ewido scan followed by the Hijack This log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:38:43 PM, 9/15/2005
+ Report-Checksum: 60CB051C

+ Scan result:

HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard\Settings -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\AnimeToolbar -> Spyware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3E627C24-9568-0685-9082-70CE4F9DCD1E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A6C8BED8-E31F-6041-4D51-7AC396F2F8F7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5AB638F-D76C-415B-A8F2-F3CEAC502212} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{930A2B79-855E-4A18-80BB-4C0595B40798} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E61A0304-C605-441F-BD57-2833B65A69F1} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{666DDE35-E955-11D0-A707-000000521958} -> Spyware.IEPlugin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\NIX Solutions -> Spyware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\NIX Solutions\AnimeToolbar -> Spyware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\skin -> Spyware.Delfin : Cleaned with backup
C:\2ws45.exe -> Dialer.Generic : Cleaned with backup
C:\7841.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Family\Local Settings\Temp\ezTTstub.exe -> Adware.eZula : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@cz6.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wfkiclcjwcp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wfkigndzahp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wfkyoic5wgo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjk4okc5mho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkochajodp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkocnajoeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkycgcjgdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkygnd5eep.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkyshc5clp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjkyugdjofp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjl4qlajafp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjl4soajakp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjl4uhazeco.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjliokcpkgo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjloskcjwlp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjlyciazalq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjlykhdzcgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjmickc5sdo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjmykkc5ggp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@e-2dj6wjnyuncpifo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@vip.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Heusis'\Cookies\heusis'@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\721368_2624_1972_1988_63.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\appC9.tmp -> Spyware.DelphinMediaViewer : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\asfjkk32.tmp -> Spyware.SafeSurfing : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\Cookies\heusis'@e-2dj6wjnyomdjcgp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\i5D.tmp -> Spyware.SurfSide : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\ICD3.tmp\ysbactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\iinstall.exe -> TrojanDownloader.IstBar.lp : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\ms5A.tmp -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\optimize.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\sahagent.exe -> Adware.SAHA : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\Temporary Internet Files\Content.IE5\40JGZVWX\ashley2[1].png -> Trojan.LowZones : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\Temporary Internet Files\Content.IE5\40JGZVWX\defrag[1].exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\Temporary Internet Files\Content.IE5\40JGZVWX\plugn[1].exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\Documents and Settings\Heusis'\Local Settings\Temp\whenu.exe -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\adult1[1].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\adult1[2].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\adult1[3].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\lgs[1].exe/kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\lgs[1].exe/kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0PQF45UJ\m11[1].jpg/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\adult1[1].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\adult1[2].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\adult1[3].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\gc[1].exe/kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\gc[1].exe/kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\lgs[1].exe/kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\8J2KZ23W\lgs[1].exe/kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OCQ1Q36O\adult1[1].exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OCQ1Q36O\adult1[2].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OCQ1Q36O\pnp[2].exe -> Backdoor.SdBot.aad : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OCQ1Q36O\proxy_inst[1].exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\W9ANCD23\reptile[1].jpg -> Backdoor.Aimbot.ae : Cleaned with backup
C:\RECYCLER\S-1-5-21-1935655697-616249376-682003330-1004\Dc4.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP618\A0249149.exe -> Spyware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP631\A0252144.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP631\A0252145.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP631\A0252147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP631\A0253144.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP631\A0253145.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0253151.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0254144.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0254145.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0254147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0255144.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0255145.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0255147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0256144.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0256145.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP632\A0256147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP633\A0257144.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP633\A0257145.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP633\A0257147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP635\A0257158.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP635\A0257160.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP636\A0258147.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP636\A0258148.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0259145.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0259146.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0259147.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0260146.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0260147.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0260149.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0262145.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0262146.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP638\A0262148.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0262166.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0262173.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0262174.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0262176.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0263171.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0263177.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0263178.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0263180.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0264170.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP640\A0265170.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP643\A0265180.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP644\A0265190.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP645\A0265196.INI:lzcjd -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP645\A0266170.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP645\A0266174.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP645\A0267170.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP645\A0267175.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP646\A0267199.exe -> Spyware.Apropos : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP646\A0267202.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267207.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267215.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267216.srg -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267222.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267227.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0267229.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0268211.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP647\A0269212.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP648\A0269224.dll -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP648\A0269225.ocx -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP648\A0269226.exe -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP648\A0269230.exe -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP648\A0270211.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0270218.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0270223.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0270224.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0270227.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0270228.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0271211.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP649\A0271212.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0271229.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0271234.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0272211.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0272212.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0272216.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP653\A0272218.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0273211.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0273212.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0273215.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0273216.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274212.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274213.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274216.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274218.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274221.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274222.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274225.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0274226.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0275212.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0275213.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0275216.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP654\A0275217.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP655\A0276212.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP655\A0276213.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP655\A0276218.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP655\A0277211.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP655\A0277212.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277218.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277219.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277225.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277226.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277229.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0277230.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278211.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278212.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278216.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278217.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278221.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278222.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278225.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278226.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278231.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278232.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278236.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278237.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0278241.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279231.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279232.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279236.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279240.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279241.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279244.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279245.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279246.exe/kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279246.exe/kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279247.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279248.exe/kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279248.exe/kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279250.exe -> TrojanProxy.Small.cr : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279258.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279259.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP656\A0279265.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0279271.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0280260.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0280261.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0280268.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0280269.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0281269.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0281270.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0282269.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0282270.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0283269.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP657\A0283270.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0284269.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0284270.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0285269.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0285270.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0286268.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0286269.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287268.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287269.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287282.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287283.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287290.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287291.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287292.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP658\A0287301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287307.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287308.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287309.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287310.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287312.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287313.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0287314.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0288301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0288302.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289300.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289308.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289309.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289310.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289312.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289313.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289314.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0289316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0290300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0290301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0291301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0291302.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0291308.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0291309.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0292301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP659\A0292302.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0293302.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0293303.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0294300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0294301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295308.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295311.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295312.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295313.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0295315.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0296300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0296301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0297301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0297302.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0297308.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298300.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298308.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298309.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298311.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298312.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298313.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0298314.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0299300.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0299301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0299307.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP662\A0299309.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300301.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300302.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300308.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300309.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300310.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300311.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP664\A0300312.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP665\A0300318.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP665\A0300320.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0301301.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0301307.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0301308.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0302300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0302305.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0302306.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0303300.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0303305.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0303306.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0303312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0303316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0304311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0304316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0304317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0305312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0305316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0305317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306318.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306319.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306320.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306323.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306324.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0306326.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307315.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307318.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307319.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0307320.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308318.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308319.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0308320.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0309313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0309318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0309319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310318.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310319.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310320.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310323.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310324.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0310327.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311311.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311318.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311319.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311320.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311322.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311323.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311324.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP667\A0311326.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0311329.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312320.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312321.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312322.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312325.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312326.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312327.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0312329.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0313311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0313312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0313317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_r

#4 angel_eyz

angel_eyz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 20 September 2005 - 08:34 PM

Apparently I will have to do this in several posts as only part of the report appeared on my last post.


Ewido Security Suite report (continued):

C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0313324.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0313325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314319.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314320.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314321.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314323.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314324.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0314326.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315319.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315320.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315321.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315323.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315324.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0315326.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0316311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0316313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0316317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0316318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0317311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0317312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0317317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0317318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0318311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0318312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0318317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP668\A0318318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318320.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318321.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318322.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318324.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318326.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318328.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0318329.exe -> TrojanDropper.Agent.se : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0319311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0319312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0319316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0320311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0320312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0320317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0320319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0321311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0321312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0321317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0321318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0322311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0322312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0323311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0323313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0324311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0324312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0324317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0325311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0325312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0326312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0326313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0326317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0326318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327321.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327322.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327323.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327325.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327326.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327327.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0327328.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0328311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0328313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0329311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0329312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0329318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0329319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP669\A0329320.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0329323.exe -> Spyware.PowerScan : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0329325.exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0329326.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0329329.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330311.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330312.srg -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330317.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330318.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330321.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330324.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330325.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330326.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0330327.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331320.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331322.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331324.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331325.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0331326.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0332312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0332313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP670\A0332320.exe -> TrojanDropper.Agent.se : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0333309.exe -> Adware.Saha : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0333312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0333313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0334311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0334312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0334318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0335311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0335312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0335316.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0336311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0336313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0337311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0337312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0338311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0338312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0338318.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0338319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0338320.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0339311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0339312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0339317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0339319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0339320.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0340311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0340312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0340317.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0340319.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0340320.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0341311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0341312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0342311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0342313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0343312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0343313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0344311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0344312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0345312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0345313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0345315.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0346312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0346313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0346317.exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0346318.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0347311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0347312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0349002.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0349311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0349312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0349316.exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0349317.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0350311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0350312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351312.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351313.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351315.exe/y.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351318.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351319.exe -> Trojan.LowZones : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351320.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351325.ico:gxelf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351326.ico:fgveb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351326.ico:nfwft -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351327.ini:fpthep -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351327.ini:fqaah -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351327.ini:tmwazs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351327.ini:ukwln -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351328.ico:darjm -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351328.ico:upphl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351328.ico:yciar -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351329.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351330.ini:jwqqd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351330.ini:lzhdr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351331.INI:asymy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351331.INI:xubxq -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351332.ico:skfsqe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351333.ico:mxlmo -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351333.ico:sjetd -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351333.ico:slney -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351334.ico:rvgbf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351335.exe:mzkqcf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351336.INI:lzcjd -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351347.exe -> Spyware.SurfAccuracy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0351349.dll -> Spyware.YourSiteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0352311.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0352312.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0352316.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0352319.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353311.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353312.srg -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353317.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353318.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353352.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353819.exe -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353820.exe -> Spyware.DelphinMediaViewer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353824.dll -> Spyware.CometCursor : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353834.ocx -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353835.dll -> Spyware.Delfin : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/exdl.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/mqexdlm.srg -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/exul.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/javexulm.vxd -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/msexreg.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353837.vxd/C:/WINDOWS/System32/instsrv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353842.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP671\A0353850.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354043.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354044.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354045.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354046.exe -> TrojanDropper.Agent.qz : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354047.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354048.exe -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354049.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354050.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354051.dll -> Spyware.EliteBar : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354052.exe -> Spyware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354053.dll:xfyju -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354054.dll:gwqrdm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354054.dll -> TrojanSpy.Spung.a : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354058.exe:itkmdk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354058.exe:tnogo -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354058.exe -> Spyware.BiSpy : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354059.exe -> TrojanDownloader.Agent.ro : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354060.dll -> Spyware.ClientMan : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354061.exe -> Trojan.VB.qn : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354062.EXE -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354063.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354065.exe -> Adware.eXact : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0354849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0355015.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0355848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0355849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0356848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0356849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0356852.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0357848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP672\A0357849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0358848.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0358849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0359849.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0359850.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360848.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360849.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360854.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360855.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360860.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\System Volume Information\_restore{383BD841-CB8B-4342-8F49-00AC9AC43AA1}\RP677\A0360861.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\WINDOWS\7144973651.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\7261093441.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\7261106151.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\affbun.txt:gwnekr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\amcap.exe:mkwdn -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\aolmsg.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\apinp32.dll:kpteva -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:lckeo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bwzuzgup.exe -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfgmgr52\EECH1.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfgmgr52\SPZ3.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfgmgr52.dll -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\civ.ini:glrgf -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\clock.avi:uvbnel -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\cmdxp.exe/defrag.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\cmdxp.exe/dreese.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:mftgtj -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\COM+.log:anuod -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\conscorr.ini:bgyjgu -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\conscorr.ini:tnaogn -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\conscorr.ini:ygblrf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\control.ini:fqcoz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\control.ini:nxeji -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\control.ini:zfjjo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crsb32.dll:urmrbl -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\DATA.TCD:fbpux -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\DATA.TCD:jobed -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\DATA.TCD:kgqvh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dfdzj.log:zomem -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Directx.log:qwnlgr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\DailyToolbar.dll -> Spyware.Mature : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gsda.dll -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\dreese.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\explorer.exe:mchqh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\explorer.exe:nzcdt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\explorer.exe:pqwzbb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\explorer.exe:ttadu -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\explorer.scf:enztvn -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\explorer.scf:pnhub -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\FaxSetup.log:gaviv -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\FeatherTexture.bmp:ptyjt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\FeatherTexture.bmp:rbxmd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\FeatherTexture.bmp:vpkjm -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\FeatherTexture.bmp:zoazd -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz3:fqcie -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz3:uiscgj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz3:yklwmw -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\fiz4:cetnx -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\fiz4:grawu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz4:hkiiz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz4:huqxv -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz4:umrwr -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz5:uqgtg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz6:cdifz -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz7:aktvc -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz7:mbcqat -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\fiz7:yjmvy -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz8:djuvk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz8:mrrzj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz8:ystbw -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\fiz9:dszkhx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fiz9:rohol -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:ehvoi -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:ayepl -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:sizqm -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\Greenstone.bmp:upshh -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\gtdxg.txt:wfubwz -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\heibt.log:bxtjxe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hpomdl04.dat.temp:vifjvv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ibtzm.txt:yretgp -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iis6.log:dupbg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\IsUninst.exe:hxcgdh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\jiypg.txt:pplkj -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\KB813744.log:zuckyn -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\KB828741.log:uawfvw -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\KB842773.log:gpiuna -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\kelvin.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\ModemLog_Dell Data Fax Modem.txt:dtikdb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mplaynow.log:nrovte -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\msgsocm.log:onlcav -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msgsocm.log:vkhin -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\msjtn.dat:rkxrb -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msoffice.ini:ibmha -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msvbvm60.dll:bcemu -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msvbvm60.dll:pohxt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\MVIEWER2.EXE:melldg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netinfo.exe -> Backdoor.SdBot.aad : Cleaned with backup
C:\WINDOWS\netki32.dll:pwrwr -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\ntdtcsetup.log:tfrndc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntsa.dll:aimkkf -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntsa.dll:asnqkm -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_milmoy.txt:kktoug -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\n_milmoy.txt:kzwpt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_nuqgre.dat:bzklz -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_qrgxjr.txt:gltyfb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_qrgxjr.txt:ojxzut -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\n_zpxudt.dat:ymlehl -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ocgen.log:rdvgzo -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ODBC.INI:wgmna -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:hbomvw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:hsktb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:nbkfhh -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\WINDOWS\oxpla.dll:dxndni -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\plugsin.exe/omi.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\WINDOWS\pluigs.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\PowerReg.dat:ailnb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PowerReg.dat:amwbt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PowerReg.dat:bwsgu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PowerReg.dat:cgiud -> TrojanDownloader.Agent.jb : Cleaned with backup
C:\WINDOWS\Prairie Wind.bmp:gzjaeg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Q329441.log:smnezw -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Q810577.log:lmwseq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Q817606.log:holqhe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit(2).exe:vybzf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit(3).exe:vybzf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit(4).exe:vybzf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit(5).exe:fmonxr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit(5).exe:vybzf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\regedit.exe:vybzf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Rhododendron.bmp:ntway -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rirxa.log:hxpjsq -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:cazaa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\saap.exe -> Spyware.180Solutions : Cleaned with backup
C:\WINDOWS\SchedLgU.Txt:cfvsg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SchedLgU.Txt:fthna -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\sdkdb.dll:rqyrrb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sepsd.bin:uvplu -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\sessmgr.setup.log:svvex -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\setup.exe -> TrojanDropper.Agent.hn : Cleaned with backup
C:\WINDOWS\setupact.log:zdawz -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\setupapi.old:zgolf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\setuperr.log:tyjvj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\slipit.exe/dreese.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:jzrvc -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:ovdvf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SOF_LOG_.INI:qpxqz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ssitid.dat:khmuv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ssitid.dat:okvshr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Sti_Trace.log:gvwjz -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\Sti_Trace.log:wflkk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\svhosts.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\swtjx.txt:chfhx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysrz32.dll:bjpzbj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89UFGLQB\pre[1].exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89UFGLQB\pre[2].exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CHE7C52F\0006_regular[1].cab/istactivex.dll -> TrojanDownloader.IstBar.fz : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GTAFOXUJ\proxy_inst[1].exe -> TrojanDropper.Small.aeq : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\K12ZCL2B\ashley2[1].png -> Trojan.LowZones : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\K12ZCL2B\sixbit[1].exe -> Heuristic.Win32.Morphine-Crypted : Cleaned with backup
C:\WINDOWS\system32\elitemwb32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\eraseme_20362.exe -> Heuristic.Win32.Morphine-Crypted : Cleaned with backup
C:\WINDOWS\system32\eraseme_50004.exe -> Backdoor.Rbot.aad : Cleaned with backup
C:\WINDOWS\system32\ezPopStub.exe -> Adware.eZula : Cleaned with backup
C:\WINDOWS\system32\Hhhadw.exe -> Spyware.DealHelper : Cleaned with backup
C:\WINDOWS\system32\kans.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\WINDOWS\system32\kansup.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup
C:\WINDOWS\system32\msjpnd.dll -> Spyware.WebSearch : Cleaned with backup
C:\WINDOWS\system32\mxpsp.exe -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\nsq6.dll -> Spyware.HotSearchBar : Cleaned with backup
C:\WINDOWS\system32\orans.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup
C:\WINDOWS\system32\rdriv.sys -> Trojan.Rootkit.k : Cleaned with backup
C:\WINDOWS\system32\redtrsha.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\system32\richup.exe -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\system32\Rpcmon.exe -> Backdoor.Codbot.am : Cleaned with backup
C:\WINDOWS\system32\TFTP1072 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP1300 -> Heuristic.Win32.Morphine-Crypted : Cleaned with backup
C:\WINDOWS\system32\TFTP1468 -> Heuristic.Win32.Morphine-Crypted : Cleaned with backup
C:\WINDOWS\system32\TFTP2008 -> Heuristic.Win32.Morphine-Crypted : Cleaned with backup
C:\WINDOWS\system32\TFTP3296 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP3404 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP3436 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP3452 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP3460 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\TFTP3980 -> Backdoor.Rbot.c : Cleaned with backup
C:\WINDOWS\system32\TFTP5584 -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\tkipowxs.dll -> Trojan.Golid.d : Cleaned with backup
C:\WINDOWS\system32\trufkz.html -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\winmon.sys -> Backdoor.SdBot.zo : Cleaned with backup
C:\WINDOWS\system32\wuitgurd.exe -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\WzzVD.exe -> Backdoor.SdBot.aad : Cleaned with backup
C:\WINDOWS\tdpdz.log:gxlbfi -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Temp\eraseme_11608.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_43300.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_47403.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_47647.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_68178.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_77576.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\Temp\eraseme_86057.exe -> Backdoor.Aimbot.ae : Error during cleaning
C:\WINDOWS\tiscali_it_2.ico:fzdqj -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\tiscali_it_2.ico:jdaulp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tiscali_it_2.ico:rokav -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\tsoc.log:etzygo -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\tsoc.log:fpddbj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\twain.dll:djnoe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\twunk_16.exe:ygiuf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\twunk_32.exe:wkgtg -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\uninst.exe:aejxn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\uninst.exe:fxomj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\uninst.exe:mqibz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\UNINST16.EXE:eyhxdp -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\UNINST16.EXE:qhbah -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\unstall.exe -> Spyware.MediaMotor : Cleaned with backup
C:\WINDOWS\UP9ASP.INI:qdkzb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vb.ini:beacli -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\vb.ini:lgskk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vb.ini:vgfvm -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\vbaddin.ini:bagef -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vbaddin.ini:xmahf -> TrojanDownloader.Agent.bq : Cle

#5 angel_eyz

angel_eyz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 20 September 2005 - 08:38 PM

Ewido Security Suite report (continued)

C:\WINDOWS\wininit.ini:jmhqf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winmf.dll:zhbfwo -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\winmon.exe -> Backdoor.SdBot.acf : Cleaned with backup
C:\WINDOWS\winmsd.exe -> Backdoor.SdBot.xd : Cleaned with backup
C:\WINDOWS\winnt256.bmp:rmpjg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WINNT32.LOG:krwpm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WINNT32.LOG:lotok -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WINNT32.LOG:wvfml -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\wmsetup.log:dsouo -> TrojanDownloader.Agent.cd : Cleaned with backup
C:\WINDOWS\WMSysPr9.prx:xxblx -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\wsdu.log:bdiwl -> TrojanDownloader.Agent.jb : Cleaned with backup
C:\WINDOWS\wsdu.log:bochgh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wsdu.log:dmjml -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\zffdk.dat:yvkafe -> Spyware.OneMoreSearch : Cleaned with backup
C:\WINDOWS\zsbyu.log:fvxdb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default(2).pif:dblvro -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default(2).pif:eethh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default(3).pif:dblvro -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default(3).pif:eethh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default(4).pif:dblvro -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default(4).pif:eethh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default(5).pif:dblvro -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default(5).pif:eethh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:dblvro -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:eethh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_MSRSTRT.EXE:gizeu -> TrojanDownloader.Agent.cd : Cleaned with backup


::Report End


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 9:58:47 PM, on 9/15/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\wordpad.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\pait\lnmr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\nzxcp.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKLM\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKLM\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKLM\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKLM\..\Run: [Nwjonh] C:\Program Files\Ljxpu\Tfees.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKLM\..\RunServices: [PPPOEO] pingppac.exe
O4 - HKCU\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKCU\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKCU\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\}
O4 - HKCU\..\Run: [<A HREF="http://www.gandi.net/">GANDI</A> then par] c:\WINDOWS\System32\<A HREF="http://www.gandi.net/">GANDI</A> then parked.
O4 - HKCU\..\Run: [</B] c:\WINDOWS\System32\</BODY>
O4 - HKCU\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKCU\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKCU\..\Run: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKCU\..\Run: [Micr Update] soundblaster.exe
O4 - HKCU\..\Run: [Arue] C:\Program Files\pait\lnmr.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: Control Pad - {28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Dial 4.0\ControlPad\Misc\a_menu.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C852B12E-3F08-4099-AF8E-32FD327B88EA} (msnloader Class) - http://rockstar.messenger.msn.com/rockstar.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\UpdateXP6.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows Mess Service - Unknown owner - C:\WINDOWS\winmsd.exe (file missing)
O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe
O23 - Service: Remote Procedure Call (RPC) Helper (%AF) - Unknown owner - C:\WINDOWS\system32\mfciq.exe (file missing)

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:59 PM

Posted 21 September 2005 - 09:33 AM

Print out these instructions and then close all windows including Internet Explorer.

Then I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alltheweb.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\nzxcp.dll/sp.html#29126
O4 - HKLM\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKLM\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKLM\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKLM\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKLM\..\Run: [Nwjonh] C:\Program Files\Ljxpu\Tfees.exe
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKLM\..\RunServices: [PPPOEO] pingppac.exe
O4 - HKCU\..\Run: [<H] c:\WINDOWS\System32\<HEAD>
O4 - HKCU\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKCU\..\Run: [<B] c:\WINDOWS\System32\<BODY>
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\}
O4 - HKCU\..\Run: [<A HREF="http://www.gandi.net/">GANDI</A> then par] c:\WINDOWS\System32\<A HREF="http://www.gandi.net/">GANDI</A> then parked.
O4 - HKCU\..\Run: [</B] c:\WINDOWS\System32\</BODY>
O4 - HKCU\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKCU\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKCU\..\Run: [Win Drivers SSL32] hpwsnnsbc.exe
O4 - HKCU\..\Run: [Micr Update] soundblaster.exe
O4 - HKCU\..\Run: [Arue] C:\Program Files\pait\lnmr.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\UpdateXP6.exe (file missing)
O23 - Service: Windows Mess Service - Unknown owner - C:\WINDOWS\winmsd.exe (file missing)
O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe
O23 - Service: Remote Procedure Call (RPC) Helper (%AF) - Unknown owner - C:\WINDOWS\system32\mfciq.exe (file

Reboot your computer into Safe Mode

Then delete these files or directories (Do not be concerned if they do not exist)

C:\WINDOWS\nzxcp.dll
C:\Program Files\Ljxpu\
c:\windows\system32\soundblaster.exe
c:\windows\system32\pingppac.exe
c:\windows\system32\hpwsnnsbc.exe
c:\windows\system32\soundblaster.exe
C:\Program Files\pait\
c:\eied_s7.cab
c:\ex.cab
C:\WINDOWS\System32\vbsys2.dll
C:\WINDOWS\System32\UpdateXP6.exe
C:\WINDOWS\winmsd.exe
C:\WINDOWS\wordpad.exe

Reboot your computer to go back to normal mode.

I see that you are running msconfig in /auto mode which means that you may have selectively removed some items in the past from the startup procedure. This can be bad if they are malware, so we would like you to reenable those startup entries by doing the following:

Please click on start, then run, and type msconfig and then press enter. When the window opens click on the startup tab and make sure there are checkmarks in every entry. Then press ok until you are out of the program. If it asks to reboot, do not reboot.

Now please create a new Hijackthis Log and post it as a reply.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users