1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

need help with hijack this log and ewido log

Discussion in 'Virus & Other Malware Removal' started by dubz86, Dec 31, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. dubz86

    dubz86 Thread Starter

    Joined:
    Dec 31, 2005
    Messages:
    11
    i posted a thread earlier about how my homepage got set to about:blank and someone told me to try hijack this and ewido and here are the logs. hopefully someone can help me crack this thanks

    hijack log

    Logfile of HijackThis v1.99.1
    Scan saved at 9:50:08 PM, on 31/12/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ewido anti-malware\SecuritySuite.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\yugju.dll/sp.html#88449%resultposition.net
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\prefs.js)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Class - {A21E8708-CA3B-A16F-3208-2F68EC50E62F} - C:\WINDOWS\system32\iedb.dll (file missing)
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [javaef32.exe] C:\WINDOWS\system32\javaef32.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095598511640
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129929053959
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
    O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\syslx.exe" /s (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NetOp Helper ver. 7.50 (2002310) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe



    more to come
     
  2. dubz86

    dubz86 Thread Starter

    Joined:
    Dec 31, 2005
    Messages:
    11
    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{011710E1-B483-710E-97E0-2570CF3083B8} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{0374CA48-A799-5108-7C38-BAC7CF481D17} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{03986A99-8487-BF06-A53A-7D6D4ED76483} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{0F9A97E5-963E-75DB-23F4-3897CEC6B584} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{12869A5D-0FF9-B9AA-8BD8-9337FB04C5C6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{15213F20-4568-A265-3C5A-1F0B1F772EF8} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{19909ED9-FBD8-EB91-C381-7E3707902938} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{1A15F225-55D1-2004-F817-B224A68490B9} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{1D533677-6478-9DBE-8A8D-E743E69BF5FD} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{283AC120-8D27-BA38-11A3-539427563B6C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{286ECE71-3F17-089B-F6BD-0E16D255AE8A} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{29F1D625-8BC0-9364-C57C-DB62035ABD50} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{2C874D56-A88C-3E88-B23F-99BEE8C67943} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{2CB91DCB-A5E9-DD47-0B46-E2380FC72EF2} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{2CC16CBF-57CB-425A-907D-ABE18223FE62} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{2FB05593-541D-CFF3-2565-B4A5DBD786BC} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{32587655-ECC2-9311-95C4-B841B07B7A99} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{34008A69-BA68-8165-F6D2-77FCBCE7DCC4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{3C149E0B-2AF5-C8DC-F78A-AAC09F8001C3} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{4042A8E0-BAA2-710A-F824-37FCA490315F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{4253994F-6825-77D6-AEE7-F03BCB81423C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{427F33AD-D986-1A0A-4257-206DD27AEC40} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{44B5655E-B38E-E722-41EB-6C29C0B4E29C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{458710FC-EACF-AA54-F736-6EF18F0FE7C4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{463E57CB-CFC3-B5A2-1166-CBFF75AD1B9E} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{46C8C875-7053-566F-B7DF-A8735884B10E} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{4A7E0ADF-C8A2-08D3-D46C-91318C2CD9A4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{4DAC7D8D-9C1A-3965-E63E-6CDFBCD1EB33} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5589D9AB-A0F2-680A-D323-258D1B13015E} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{56CDF9C1-56A8-F6F5-D235-2292CC21E897} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{57DB0F9C-95AA-F3DB-A422-DF9CC22B2876} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5932F9CB-E60E-11C7-5BA5-2CD8198CBDB4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5AEDA511-0157-5F17-AC3D-A3D8D05DFE0C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5E4566F7-825D-2817-0598-1949854654D5} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5E51824C-52E0-D124-BFC7-DEAEE6504984} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5E5D127E-33B8-9A98-AF0D-938C370909D5} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5EC2D84A-6626-8AF1-C8EB-B573423538B1} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{5FFA6789-7ABE-BCB3-18BC-3EB6BE2C1706} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{61729E45-8F32-7D9A-9D6D-03684AA204D4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{6477E0AE-C44A-D3CD-6823-CC6538DFBFEE} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{68454196-47E8-C18D-A500-7C44E2066D18} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{6A3C5AEB-2856-9DC8-A5D7-C63EDEC0AF15} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{6CC8D4EF-FD23-1704-8A80-7AE8362432D7} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{75A46C7E-D7AB-55F3-8DF2-D9A7FFD913E6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{77E35B59-5DBF-CA0F-2037-00B52E21E874} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{7A7D53AD-7ADE-7EFC-6291-2E13ADF85376} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{7FBC1A44-1179-6601-4CA4-F9E5BA9627AC} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{7FEABB24-AC82-044D-9122-02B029F286B3} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{846BBD24-8B2C-67B4-0850-9FF99094A213} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{86F5D8DE-EE7E-557E-BEFF-47AAFE8A8F54} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{88AE5BAB-3DC7-9717-34AB-BAC95A1C967A} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{8D48267B-92A9-5684-83DC-0E47E94F8B80} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{8D4BCA1D-4FC5-4D4C-6A9A-E64BFA0B42B3} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094} -> Spyware.HuntBar : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{8EA257CF-EDDF-09CA-1536-29E313C464B0} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9261C8D3-6127-C95A-7B9B-F9E8EE283C42} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{97FD03BF-2223-5BCC-0213-A97E0706011D} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{983BCD03-BAD0-48DD-7123-2CEA9002484D} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{988F33DF-14DB-9347-ED73-E0CDCC695426} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9A65FF84-5F62-35FE-18D6-0C43F27B7AEB} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9A8F5394-C42E-426F-B539-E4F44D9C9347} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9A91EB6C-6B33-0933-42A8-1A1954F9B35F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9C07AC43-1C2D-BD1B-FEDF-58BEDA6A49E1} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9C0FBA5F-3F3D-397E-15C0-85E3828D8424} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{9D7705A4-9543-9869-8249-F62AC961BDA5} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A30060E0-10B2-647D-4800-6D1C8285DCB5} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A4913EBE-69AB-7C2E-EA16-13F6C5E79E14} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A66DF143-F487-E2C9-232E-3D99CC47A72F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A692FF9A-5879-5C99-6791-53A31CA19934} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A6A52EE5-30B5-6788-D99F-044CABAC5C5D} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{AD0D9FE1-B24C-014A-EBAD-258A81D3DB0B} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{AD10FCA0-53C6-02AA-4FD3-910400721200} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{AE9146BD-F3E6-13D0-911B-0CF28B2B624B} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{B279D474-B064-DCC7-5638-6B0E0A96537C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{B3FEA706-1476-462B-9B5A-B1A4772CC8DF} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{B81896EA-E0AA-92AA-BF67-14B1C8C5A7E4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{B825DEE4-D4B5-9286-E839-48249C3E89A6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{B9087056-572E-C46F-41EA-766D3370ABEF} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{BC7CDD90-0B77-5C0F-AD1F-789795AD1AC3} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{BCBD9A6C-4B22-A8D0-8E90-F47A88F73639} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C0C3B877-2F73-D5F0-470E-5687890C47C6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C1CC71FF-8764-ADFB-036B-BD513D9AB830} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C3DFD60C-F72B-47B4-D7B9-54227AB606A9} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C4912723-2E04-C5E4-E084-96EE91C51798} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C5CF0033-FE6F-DFFB-1A79-2FD325A2F704} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C5F30C3E-DF43-3900-BA95-C664D49EFBB2} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C66A3BCE-13D0-313C-897A-B77CA925363F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C6D51432-AEA1-C0D6-61F5-C10ABA6C8A0D} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{C872B373-FBFA-6A47-1C64-47E4EB6B9A99} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{CAFF6042-9822-36A6-4764-C0BF5E59EF31} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{CBD8F541-0C17-2308-CE59-19ACBB1E7CB6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{CDA7655D-27CA-4F67-07DB-DBE1FF31B073} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{CE6391C4-346E-13E9-03A2-E8708CCA3B6A} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{D83F0117-C7D8-20AF-2100-FD548A73684C} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{D990B9E1-F168-13E8-1A21-97D04D3C2F96} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{DEE94005-1C44-5C08-22FF-9E5E64B4E3BB} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{E0E5A173-0CF3-BCA9-8543-4B6252CD9DA6} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{E121C209-BF6B-57D4-6C7F-D3C2E3BE436E} -> Spyware.MidAddle : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{E5AEC6A2-E0DA-BCCF-46E8-C8D57F1BAB09} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{E61B04D3-5684-9F05-B849-0B1AC13A3F3F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{EB7A1A2D-9C0D-C8D4-8A9B-F6E22A647B85} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{EDB041DC-4D4D-649F-F3B9-249E35ABBEF0} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{EE7430B5-880B-955D-AF46-8C653AEAD8F8} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{EF3DBF8F-82AE-7C37-9E41-FF6768F169E3} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{EFA208BD-7CAB-94A3-7B00-9059427930B1} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F252B597-9791-2380-904F-55CD7338EA24} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F2902916-5CFB-B382-CE40-C89899118D58} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F29410C9-B2AD-CEAB-4F52-9AADB08954D1} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F3CE29D7-1F3D-C3AE-8BFA-949DD938C336} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F4BF9913-CC48-121B-F8DE-11BD3C45410F} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F547C47F-8034-3D35-963A-C6B0626566D7} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F573A15E-4E08-2CE8-1F75-3F0D794E2E42} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F5E4032F-B58E-1B79-B01F-22DB28518DF7} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F78C8767-D7AA-B6F9-7220-5FF80088C727} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F7AD1C87-A22D-2ADE-8709-D877F23F4F05} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F802FEC2-BF51-3198-4339-747CCF253651} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F853A78A-343F-AC2C-6EC1-7AD1A007D9CD} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{F9611D23-F7B8-A44B-E962-46EE65E5DBA4} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{FA368488-8008-3889-4E2F-86BBFD486BD2} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{FA3995AD-2D9D-2CC1-3A3B-1E594D7AF696} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{FA6A8ADC-5ACF-A739-A8BF-5E4D7B5991C1} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{FEBB350A-7FF3-3B6F-52F8-65F066D1DC68} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Cleaned with backup
    HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF} -> Downloader.WebP2P : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DA5457F-A8AA-4CCF-A842-70E6FD274094} -> Spyware.HuntBar : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3DFD60C-F72B-47B4-D7B9-54227AB606A9} -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE -> Spyware.CoolWebSearch : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW -> Spyware.CoolWebSearch : Cleaned with backup
    HKU\S-1-5-21-2095343031-2180020972-515988717-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DA5457F-A8AA-4CCF-A842-70E6FD274094} -> Spyware.HuntBar : Cleaned with backup
    HKU\S-1-5-21-2095343031-2180020972-515988717-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3DFD60C-F72B-47B4-D7B9-54227AB606A9} -> Spyware.CoolWebSearch : Cleaned with backup
    :mozilla.6:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
    :mozilla.7:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
    :mozilla.10:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.17:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.18:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.19:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.20:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.21:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.22:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.23:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.24:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.27:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.28:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
     
  3. dubz86

    dubz86 Thread Starter

    Joined:
    Dec 31, 2005
    Messages:
    11
    ewido log part 2

    :mozilla.30:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.31:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.33:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.34:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.35:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.38:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.53:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
    :mozilla.54:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.57:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Specificpop : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Specificpop : Cleaned with backup
    :mozilla.61:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.62:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.63:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
    :mozilla.83:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    :mozilla.84:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
    :mozilla.90:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
    :mozilla.99:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.100:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.101:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.102:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.103:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.104:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.113:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
    :mozilla.127:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.143:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.146:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
    :mozilla.147:C:\Documents and Settings\Dubzz\Application Data\Mozilla\Profiles\default\rkgsrkas.slt\cookies.txt -> Spyware.Cookie.Brilliantdigital : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][2].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][2].txt -> Spyware.Cookie.Overture : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Dubzz\Cookies\[email protected][2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    C:\Documents and Settings\Dubzz\Local Settings\Temp\2F.tmp -> Not-A-Virus.Hoax.Win32.Renos.al : Cleaned with backup
    C:\Documents and Settings\Dubzz\Local Settings\Temp\temp.fr0658 -> Downloader.Agent.td : Cleaned with backup
    C:\Documents and Settings\Dubzz\Local Settings\Temp\temp.fr3394 -> Downloader.Agent.td : Cleaned with backup
    C:\Documents and Settings\Dubzz\Local Settings\Temp\temp.fr4264 -> Downloader.Agent.td : Cleaned with backup
    C:\Documents and Settings\Dubzz\Local Settings\Temporary Internet Files\Content.IE5\NI43RPOX\mm[2].js -> Spyware.Chitika : Cleaned with backup
    C:\Program Files\Kazaa\TopSearch.dll -> Spyware.Altnet : Cleaned with backup
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/updater.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/update.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/nndll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/nn7dll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/mydll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.RB0/Program Files/advsearch/findservice.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/updater.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/update.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/nndll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/nn7dll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/mydll.dll -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\PestPatrol\Quarantine\20040712204918991.zip/Program Files/advsearch/findservice.exe -> Spyware.ActualNames : Error during cleaning
    C:\Program Files\SpySheriff -> Spyware.SpySheriff : Cleaned with backup
    C:\Program Files\SpySheriff\SpySheriff.exe -> Spyware.SpySheriff : Cleaned with backup
    C:\Program Files\SpySheriff\Uninstall.exe -> Spyware.SpySheriff : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109523.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109523.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109523.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109532.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109532.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109532.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109537.exe -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109544.exe -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109549.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109549.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109549.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109549.PIF:smjwt -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109550.ini:vofus -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109717.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109717.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109717.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109717.PIF:smjwt -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109718.ini:vofus -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109725.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109725.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109725.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109725.PIF:smjwt -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109726.ini:vofus -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109734.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109734.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109734.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109734.PIF:smjwt -> Downloader.Agent.bc : Cleaned with backup
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP803\A0109735.ini:vofus -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\31331333.dat:pccjd -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\addfr32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\addnj.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\addtx32.dll -> Downloader.Agent.bc : Cleaned with backup
    C:\WINDOWS\appaa32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\apprk.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\appuk.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\atlan.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\atlbg.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\AuHCcup1.ini:vofus -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\BOOTSTAT.DAT:tdgdj -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\CONTROL.INI:zgept -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\crsr.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\iphy32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\ipoa32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\ipwb32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\jautoexp.dat:nxwsm -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\javadn.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\javahg.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\javakz32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\javavp32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\KB837001.log:ysbiy -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\mfcaj32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\mfcvz.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\mfcxd.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\ModemLog_BCM V.92 56K Voicemodem.txt:qtmro -> Downloader.WinShow.ak : Cleaned with backup
    C:\WINDOWS\msnd.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\msqq.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\msvx32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\muninst.exe:vcrav -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\nteq.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\ntle32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\ntyj32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\ODBCINST.INI:tggsm -> Downloader.WinShow.ak : Cleaned with backup
    C:\WINDOWS\Q328310.log:pyxtt -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\Q329170.log:hziyo -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\Q329390.log:yacuu -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\Q329909.log:qbmiw -> Downloader.Agent.ap : Cleaned with backup
    C:\WINDOWS\Q815304.log:wcphi -> Downloader.WinShow.ak : Cleaned with backup
    C:\WINDOWS\Q815485.log:ugjis -> Downloader.WinShow.ak : Cleaned with backup
    C:\WINDOWS\Q816981.log:fxtqj -> Downloader.WinShow.ak : Cleaned with backup
    C:\WINDOWS\readme.ico:qppfj -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\REGOPT.LOG:jpakd -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\sdkpj32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\sdkqk32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\shop.ico:kemdv -> Downloader.Agent.bq : Cleaned with backup
    C:\WINDOWS\syskx.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\syslx.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\addjc32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\addoo32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\addow32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\addxv.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\apief.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\apiwf32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\atlqt32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\cacore.dll -> Spyware.Coupon : Cleaned with backup
    C:\WINDOWS\SYSTEM32\carules.dll -> Spyware.Coupon : Cleaned with backup
    C:\WINDOWS\SYSTEM32\casync.dll -> Spyware.Coupon : Cleaned with backup
    C:\WINDOWS\SYSTEM32\crcv32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\d3mv.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\iedb.dll -> Downloader.Agent.bc : Cleaned with backup
    C:\WINDOWS\SYSTEM32\ievu32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\ipmp32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\mfcrj.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\mfcvw32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\mfcwe.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\mscornet.exe -> Downloader.Zlob.bz : Cleaned with backup
    C:\WINDOWS\SYSTEM32\netca.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\netwq32.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\ntez32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\ntmr32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\Cache -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-1000-0x34da4c4b5d66fe32fa7ac3e19ac11016.sig -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\file-1001-80.sig -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Cleaned with backup
    C:\WINDOWS\SYSTEM32\sdkiz32.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\sysay.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\sysnr.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\wincq.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\winjq.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\SYSTEM32\winmm.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\SYSTEM32\winsf.exe -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\wingl.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\wintp.exe -> Trojan.Agent.bi : Cleaned with backup
    C:\WINDOWS\_DEFAULT.PIF:gfofl -> Downloader.Agent.bc : Cleaned with backup
    C:\WINDOWS\_DEFAULT.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\_DEFAULT.PIF:hbdsz -> Downloader.Agent.td : Cleaned with backup
    C:\WINDOWS\_DEFAULT.PIF:smjwt -> Downloader.Agent.bc : Cleaned with backup
    C:\winstall.exe -> Not-A-Virus.Hoax.Win32.Renos.al : Cleaned with backup

    not sure if i was suppose to clean it or what... hopefully i did not cause too much damage

    thanks

    please let me know
     
  4. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,841
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/429905

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice