1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer experiencing problems + HT Log

Discussion in 'Virus & Other Malware Removal' started by BlackHorseman, Jul 22, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    Hi,

    A friend's computer is experiencing some slowing down, often get's stuck. Internet connection also has slowed down.

    I'm attaching a HijackThis log.

    ----------------------------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 16:11:01, on 21.07.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Maxthon\Maxthon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\Daniel\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://israelinfo.ru/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://mail.ru/mra
    R3 - URLSearchHook: MraSearch Class - {30DA811B-BCBF-4AA7-B5E3-CEE0E03EF2B2} - C:\WINDOWS\SYSTEM32\MraSearch.dll (file missing)
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
    O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [napjnci] C:\WINDOWS\system32\etgpjas.exe r
    O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe"
    O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [XSC SIP Client] "C:\Program Files\X-Lite\X-Lite.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.71\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.71\Camfrog Video Chat.exe
    O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Закачать все при помощи FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
    O8 - Extra context menu item: Закачать при помощи FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O16 - DPF: {3EA00DAB-812E-4894-A7D2-E9B0F80E94AE} (ARSign Class) - https://www.join.poalim.co.il/reg/pk/cabs/arpkcom.cab
    O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{202E5304-9811-4E6B-B387-93C382233A62}: NameServer = 212.150.49.10 212.150.48.169
    O17 - HKLM\System\CS1\Services\Tcpip\..\{202E5304-9811-4E6B-B387-93C382233A62}: NameServer = 212.150.49.10 212.150.48.169
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)

    ----------------------------------------------------------------

    Thank you,
    Daniel.
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Run HJT again and put a check in the following:

    R3 - URLSearchHook: MraSearch Class - {30DA811B-BCBF-4AA7-B5E3-CEE0E03EF2B2} - C:\WINDOWS\SYSTEM32\MraSearch.dll (file missing)
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
    O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll (file missing)
    O4 - HKLM\..\Run: [napjnci] C:\WINDOWS\system32\etgpjas.exe r
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
    O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)

    Close all applications and browser windows before you click "fix checked".



    Click Here and download Killbox and save it to your desktop.



    Double-click on Killbox.exe to run it.
    Put a tick by Delete on Reboot.
    Copy the following list of files to clipboard, CTRL+C to copy
    Now in Killbox go to File, Paste from clipboard.
    Click the All Files button.
    Click on the button that has the red circle with the X in the middle.
    It will ask for confimation to delete the file.
    Click Yes.
    It will ask if you want to reboot now,
    Click Yes.


    Download Ewido anti-spyware from HERE and save that file to your desktop.

    This is a 30 day trial of the program
    1. Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
    2. Once the setup is complete you will need run ewido and update the definition files.
    3. On the main screen select the icon "Update" then select the "Update now" link.
      • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    4. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
    6. Under "Reports"
      • Select "Automatically generate report after every scan"
      • Un-Select "Only if threats were found"
    Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.
    1. Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
      IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:
    2. Lauch ewido-anti-spyware by double-clicking the icon on your desktop.
    3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    4. ewido will now begin the scanning process, be patient this may take a little time.
      Once the scan is complete do the following:
    5. If you have any infections you will prompted, then select "Apply all actions"
    6. Next select the "Reports" icon at the top.
    7. Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
    8. Close ewido and reboot your system back into Normal Mode and post the results of the ewido report scan.


    Post a new HijackThis log and the log from Ewido.
     
  3. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    I ran HT.
    Then, with KillBox, I had a few problems.
    First, the interface used to add files is unclear. I tried copying the paths you gave me one by one, and pasting them into the textbox (whether I selected paste from clipboard before or not seemed to make little difference), and kept seeing only the last path (using the drop-down arrow)...

    Then, clicking thr X resulted in:

    'PendingFileRenameOperations Registry Data has been removed by an external process'

    Thakn you,
    Daniel.
     
  4. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Did it reboot? If not do that and then run the Ewido scan ...
     
  5. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    It didn't.
    I am d/ling Ewido now, will run it & then post all logs.

    Just wanted to add:
    molases already seem to be thinning out : )
     
  6. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    OK, I've run Ewido - it has removed over 500 different elements.
    Here's the HT report. The Ewido report is HUGE - sure you want me to post it here?

    BTW - still the same happens with KillBox....
     
  7. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    The Log:

    ----------------------------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 18:22:32, on 21.07.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\X-Lite\X-Lite.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\LogMeIn\LogMeIn.exe
    C:\Program Files\LogMeIn\RaMaint.exe
    C:\Program Files\LogMeIn\LogMeInSystray.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Daniel\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://israelinfo.ru/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://mail.ru/mra
    O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe"
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
    O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [XSC SIP Client] "C:\Program Files\X-Lite\X-Lite.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.71\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.71\Camfrog Video Chat.exe
    O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Закачать все при помощи FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
    O8 - Extra context menu item: Закачать при помощи FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {3EA00DAB-812E-4894-A7D2-E9B0F80E94AE} (ARSign Class) - https://www.join.poalim.co.il/reg/pk/cabs/arpkcom.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{202E5304-9811-4E6B-B387-93C382233A62}: NameServer = 212.150.49.10 212.150.48.169
    O17 - HKLM\System\CS1\Services\Tcpip\..\{202E5304-9811-4E6B-B387-93C382233A62}: NameServer = 212.150.49.10 212.150.48.169
    O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    ----------------------------------------------------------------
     
  8. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    One additional issue - before I took this poor machine under my patronage, some poor, misguided soul has attempted to reinstall Windows on it without first performing the holy ritual of Format C:. The installation has not been completed.

    Each time the computer starts it gives the user the option to start WinXP professional (the original installation) or to complete the new installation. How can this new installation be removed?

    Daniel.
     
  9. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    What a mess!

    Is there some reason you don't just save the data and format/reload the drive?
     
  10. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    On the Ewido log you can cut out the cookies and temp internet file portion, that should make it smaller.
     
  11. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    Are you saying the best course of action would be to format & reinstall?

    Here is the Ewido log:

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 18:17:20 21.07.2006

    + Scan result:



    HKLM\SOFTWARE\msbb -> Adware.180Solutions : Cleaned with backup (quarantined).
    HKU\S-1-5-21-1844237615-1592454029-839522115-1003\Software\msbb -> Adware.180Solutions : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000097.idf/C:/Program Files/BullsEye Network/bin/adv.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000097.idf/C:/Program Files/BullsEye Network/bin/adx.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000097.idf/C:/Program Files/BullsEye Network/bin/bargains.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000682.idf/C:/Program Files/BullsEye Network/bin/adv.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000682.idf/C:/Program Files/BullsEye Network/bin/adx.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00000682.idf/C:/Program Files/BullsEye Network/bin/bargains.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Enum -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Security -> Adware.BargainBuddy : Cleaned with backup (quarantined).
    C:\WINDOWS\mgppdrnwhh.exe -> Adware.BetterInternet : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\SvcProc -> Adware.BetterInternet : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enum -> Adware.BetterInternet : Cleaned with backup (quarantined).
    HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Security -> Adware.BetterInternet : Cleaned with backup (quarantined).
    HKU\.DEFAULT\Software\BTGrab -> Adware.BetterInternet : Cleaned with backup (quarantined).
    HKU\S-1-5-18\Software\BTGrab -> Adware.BetterInternet : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_109500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_109500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_134800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_134800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_168500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_168500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_181200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_181200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_201400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_201400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_215900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_215900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_269500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_269500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_282900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_282900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_290300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_290300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_309600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_309600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_326700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_326700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_328700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_328700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_329100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_329100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_331000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_331000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_337600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_337600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_348700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_348700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_362700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_362700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_374500.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_374600.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_374700.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_376200.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_376300.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_376800.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_398800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_398800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_420900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_420900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_445800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_445900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_446000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_499100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_499100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_803700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_803700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_806400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_806400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_823600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_823600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_827500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_827500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_828100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_0_828100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_1_104100.GIF -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_1_104200.GIF -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_1_329100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_1_329100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_109000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_109000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_188700.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_188800.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_329100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_329100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_365200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_365200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_370100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_370100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_374500.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_374600.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_374700.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_376200.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_376300.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_376800.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_389000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_389000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_499100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_2_499100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_103100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_103100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_121600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_121600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_169500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_169500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_193000.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_193100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_257000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_257000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_274100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_274100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_278400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_278400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_286800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_286800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_306800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_306800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_307900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_307900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_311800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_311800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_318000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_318000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_329100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_329100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_336400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_336400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_337600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_337600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_344500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_344500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_358300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_358300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_389000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_389000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_439100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_499000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_499000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_499300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_3_499300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_107500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_107500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_127800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_127800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_138400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_138400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_143700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_143700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_193000.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_193100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_242300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_242300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_247700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_247700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_273500.GIF -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_283500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_283500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_286800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_286800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_298400.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_329100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_329100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_352700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_352700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_365200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_365200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_370100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_370100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_439100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_483500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_483500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_499500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_819600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_819600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_820000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_0_4_820000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_112400.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_112400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_112500.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_112500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_137500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_137500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_138000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_138000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_141800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_141800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_187900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_206000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_206100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_206100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_223800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_223800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_223900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_223900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_224500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_247600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_247600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_257100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_257100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_257200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_257200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_281300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_349400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_350400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_352700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_364100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_364100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_367200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_367400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_367700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_372100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_393300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_814200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
     
  12. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    C:\WINDOWS\system32\AdCache\B_277_1_0_815600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_0_815900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_121700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_121700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_122000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_122000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_187900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_193900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_193900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_194000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_194000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_206100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_206100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_224500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_335800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_344700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_344700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_344900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_344900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_1_372100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_105400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_146900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_187900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_208200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_208200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_247800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_247800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_247900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_247900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_326400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_335800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_364300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_364300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_372100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_393300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_393300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_424600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_432500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_2_432800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_107200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_107700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_167700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_177200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_309900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_326400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_335800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_340400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_352700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_372100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_377600.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_377600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_378000.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_378000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_378400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_404400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_432500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_432800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_437900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_439200.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_3_439200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_101600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_101600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_103100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_103100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_105400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_106000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_106700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_108100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_108100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_109100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_109100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_109200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_109200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_121400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_121400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_121500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_121500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_165000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_177400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_177600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_179400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_179700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_185300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_187900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_191700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_192300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_193600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_200500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_200500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_202300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_202300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_202400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_202400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_206000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_206100.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_206100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_206900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_223300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_223300.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_224500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_224800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_235800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_235800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_236800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_236800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_236900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_236900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_241800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_241800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_241900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_241900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_255300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_265100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_267200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_267200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_274500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_274500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_274600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_274600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_281300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_283100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_283100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_287200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_287200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_288100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_288100.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_288600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_288600.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_308000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_308000.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_314200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_314200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_318200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_318200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_318500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_318500.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_320900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_326400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_335200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_335200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_335400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_335400.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_335800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_338800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_340400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_344700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_344700.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_344900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_344900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352200.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352800.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_352900.swf -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_353300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_353700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_359400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_366900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_367200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_367400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_367700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_372100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_376100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_377200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_377600.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_377600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_378000.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_378000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_378400.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_386900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_393600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_399700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_401500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_411100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_424600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_432500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_432800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_437900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_439200.gif -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_439200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_448100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_483600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_484100.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_499200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_499600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_499700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_499800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_803800.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_803900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_806500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_806900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_819000.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_819900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_820200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_823300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_823700.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_823900.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_825300.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_825600.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_828200.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\B_277_1_4_828500.htm -> Adware.Cydoor : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\AdCache\Temp -> Adware.Cydoor : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
    C:\Documents and Settings\Droznes\Local Settings\Temp\ICD1.tmp\MediaTicketsInstaller.ocx -> Adware.MediaTickets : Cleaned with backup (quarantined).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MediaTicketsInstaller.ocx -> Adware.MediaTickets : Cleaned with backup (quarantined).
    C:\WINDOWS\NDNuninstall6_30-1.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Droznes\Start Menu\Programs\Power Scan -> Adware.PowerScan : Cleaned with backup (quarantined).
    C:\Documents and Settings\Droznes\Start Menu\Programs\Power Scan\Power Scan.lnk -> Adware.PowerScan : Cleaned with backup (quarantined).
    HKU\S-1-5-21-1844237615-1592454029-839522115-1003\Software\PowerScan -> Adware.PowerScan : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstCm.exe/Save.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstCm.exe/SaveUninst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstCm.exe/Sync.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstCm.exe/Uninst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstWs.exe/Save.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstWs.exe/SaveUninst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WhenUSave -> Adware.SaveNow : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\SWRT01.RT -> Adware.SecondThought : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\SWRT01.RT\Clsid -> Adware.SecondThought : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\SWRT01.dll -> Adware.VirtualBouncer : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Adware.WebSearch : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\AUI -> Adware.WebSearch : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell\open -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell\open\command -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell\open\ddeexec -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell\open\ddeexec\Application -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\dctl\shell\open\ddeexec\Topic -> Dialer.Generic : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\GMSoft -> Dialer.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-1844237615-1592454029-839522115-1003\Software\GMSoft -> Dialer.Generic : Cleaned with backup (quarantined).
    C:\WINDOWS\Downloaded Program Files\ISTprotect.dll -> Downloader.IstBar.gr : Cleaned with backup (quarantined).
    C:\WINDOWS\Downloaded Program Files\istactivex.inf -> Downloader.Small : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\SaveInstWs.exe/DnldStub.exe -> Downloader.Small.kl : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\bw.exe -> Dropper.Small.of : Cleaned with backup (quarantined).


    ::Report end
     
  13. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    OK,

    Thanks for all your help.
    I will continue the work over the week - have installed LogMeIn, sp that I can do it remote.

    Daniel.
     
  14. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I would empty that Norton recycle bin and flush the restore points to remove those old files. Set a new restore point after that.

    I'm not sure how to tell you to remove the 2nd installation that's why I suggested a reload.
     
  15. BlackHorseman

    BlackHorseman Thread Starter

    Joined:
    Apr 27, 2002
    Messages:
    451
    Hmmmm.... 'reload' means 'restart'. I don't understand.

    I don't like to see anything by Norton on any machine I'm working with, so I will probably just remove the whole thing. Don't know what 'restore points' are.....

    About the second installation - I thought I could just remove the entry from the boot file (wherever that merry scoundrel lurketh) and then delete, delete, delete.....
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/485342

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice