Trouble with Homepage on IE - mike_jones

Unknown

Hello

My problem is that anytime I open up Internet Explorer, 3 pop-ups come up and ask me to install some sort of advanced browsing technology, I just close them when they come up. My homepage is this blank white screen after I close the pop-ups and the address is this: C:\WINDOWS\system32\msblank.html
I would really appreciate it if you can help me out, and thanks in advance.

I ran spybot, ad-aware, and panda active scan, and the first set of results are activescan's. The second set of data is my hijackthis log file after running those 3 programs.

Incident Status Location

Adware:Adware/MediaTickets No disinfected C:\cool.exe
Adware:Adware/Alexa-Toolbar No disinfected C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\Cache\C4170A32d01
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav ainstaller.jar-3c936701-3aa3aa1a.zip[InstallerApplet.class]
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav ainstaller.jar-5aa0b436-3902590e.zip[InstallerApplet.class]
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1114766_2448_1592_2612_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1180302_2448_1592_2596_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\132186_2448_1592_2932_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1508324_3956_1684_3464_63.41.tmp1
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\197634_2448_1592_384_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\198048_4024_1592_3968_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\198060_1188_1432_2768_63.41.tmp1
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\198210_4024_1592_3040_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\263526_1188_1432_2992_63.41.tmp1
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\328628_2448_1592_2108_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\393482_1300_1592_1436_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\394080_2448_1592_860_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\4391890_1600_1432_3556_63.41.tmp1
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\459374_1300_1592_1336_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\459612_2448_1592_2892_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\4850318_1300_1592_2404_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\525726_4024_1592_1600_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\591328_4024_1592_3952_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\655860_1300_1592_1632_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\656152_2448_1592_768_66.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\918114_1936_1432_780_63.41.tmp1
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\919084_4024_1592_2364_66.41.tmp
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\bkdflhnd.exe
Adware:Adware/nCase No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\Del126.tmp
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\eokpgnmd.exe
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\fefclpmd.exe
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\iinstall.exe
Adware:Adware/IST.YourSiteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\mY1SwJ.exe
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\nhonfkmd.exe
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\oanmjdmd.exe
Spyware:Spyware/Dyfuca No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\optimize.exe
Adware:Adware/nCase No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\res127.tmp
Adware:Adware/IST.YourSiteBar No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\sBlZ5c.exe
Dialerialer.CZF No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\stealth.yopt
Dialerialer.NO No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\temp.fr9B1C
Dialerialer.BEW No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\Temporary Internet Files\Content.IE5\7AEROGOX\s8[1].htm
Dialerialer.BEW No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temporary Internet Files\Content.IE5\00WN6SBR\s8[1].htm
Dialerialer.BEW No disinfected C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temporary Internet Files\Content.IE5\8XAR01YV\connect[1].htm
Adware:Adware/SpySheriff No disinfected C:\install.exe
Adware:adware/cws.searchmeup No disinfected C:\new.exe
Spyware:Spyware/Dyfuca No disinfected C:\Program Files\Uxyn\Wzoqu.exe

Logfile of HijackThis v1.99.1
Scan saved at 3:09:40 PM, on 10/6/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Uxyn\Wzoqu.exe
C:\WINDOWS\System32\m00.exe
C:\WINDOWS\System32\popcorn320.exe
C:\WINDOWS\etb\pokapoka73.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.ex e
C:\WINDOWS\System32\maxd1.exe
C:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.24-7searching-and-more.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.24-7searching-and-more.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.24-7searching-and-more.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.24-7searching-and-more.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\System32\svc.exe
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.ca"); (C:\Program Files\Netscape\Users\usman_shaikh\prefs.js)
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [PCI TV Card Remote Control Applet] C:\WINDOWS\713xRMT.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Ercpkv] C:\Program Files\Uxyn\Wzoqu.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\etb\pokapoka66.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn320.exe rundll.dll,LoadMouseProfile
O4 - HKLM\..\Run: [System service66] C:\WINDOWS\etb\pokapoka66.exe
O4 - HKLM\..\Run: [System service67] C:\WINDOWS\etb\pokapoka68.exe
O4 - HKLM\..\Run: [System service68] C:\WINDOWS\\etb\pokapoka68.exe
O4 - HKLM\..\Run: [System service69] C:\WINDOWS\\etb\pokapoka69.exe
O4 - HKLM\..\Run: [System service70] C:\WINDOWS\\\etb\\pokapoka70.exe
O4 - HKLM\..\Run: [System service72] C:\WINDOWS\\\etb\\pokapoka72.exe
O4 - HKLM\..\Run: [System service73] C:\WINDOWS\etb\pokapoka73.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe
O4 - Startup: Athan.lnk = C:\Program Files\Athan\Athan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O13 - WWW. Prefix: http://
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binar...kr.cab31267.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://quartz.atkinson.yorku.ca/qp2.cab
O16 - DPF: {11111111-1111-1111-1111-111111111111} -
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binar...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com...es/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/active...free/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/M...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v1...ro.cab34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://sympatico.zone.msn.com/binga...aploader_v6.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binar...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartFinder Uninstall (SmartFinder_Uninstall) - Unknown owner - C:\Documents and Settings\Rizwan Shaikh\Desktop\SFUninstaller.exe" service (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

Thanks

Crunchie

Please download LQfix.exe from one of the following locations:

http://www.downloads.subratam.org/LQfix.exe
http://miekiemoes.geekstogo.com/tools/LQfix.exe

Save it to your desktop.

• Double-Click LQfix.exe and click Next > Next > Install.
• Leave the default settings, if you change them, the fix will Fail!
• You need an active Internet connection, so make sure your connection is enabled.
• Now make sure the "Launch LQfix" box is checked.
• Click the Finish button, after clicking the Finish button the fix will start.
• Follow the on-screen prompts.
• Your system will reboot afterwards.
• Please be patient after the reboot, there is a script running in the background that needs to complete.

==

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
http://www.pchell.com/support/safemode.shtml

Once in Safe Mode, please run Ewido, and do a full scan. During the scan it will prompt you to clean files, click OK.

Save the logfile from the scan. Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

mike_jones

Hello

I finished the Ewido scan and the HiJackThis logfile and I tried posting both of them on one post, but it's saying that there are too many characters and that I need to shorten it. Below I've posted the new HiJackThis logfile and for the Ewido scan report, I'll try breaking it up into 3 parts and posting each part in a new post.

Logfile of HijackThis v1.99.1
Scan saved at 1:30:53 PM, on 10/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.myseachexplorer.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.myseachexplorer.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.myseachexplorer.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myseachexplorer.com/sp2.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ljrzw.dll/sp.html#10001
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\System32\svc.exe
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.ca"); (C:\Program Files\Netscape\Users\usman_shaikh\prefs.js)
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [PCI TV Card Remote Control Applet] C:\WINDOWS\713xRMT.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Ercpkv] C:\Program Files\Uxyn\Wzoqu.exe
O4 - HKLM\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn320.exe rundll.dll,LoadMouseProfile
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
O4 - Startup: Athan.lnk = C:\Program Files\Athan\Athan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O13 - WWW. Prefix: http://
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://quartz.atkinson.yorku.ca/qp2.cab
O16 - DPF: {11111111-1111-1111-1111-111111111111} -
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://sympatico.zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartFinder Uninstall (SmartFinder_Uninstall) - Unknown owner - C:\Documents and Settings\Rizwan Shaikh\Desktop\SFUninstaller.exe" service (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

mike_jones

This is part 1 of the the Ewido scan report:

---

ewido security suite - Scan report

---

+ Created on: 1:27:04 PM, 10/10/2005
+ Report-Checksum: D6433262

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{05971453-FE87-CB75-BB1F-338A196198B0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0ECEBD98-802F-9B4D-7308-C983A18EDBEC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12094FCA-1EE9-6EE5-5B4B-4B1EDA5F575C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{22E7067A-283F-CF1C-4373-210A97C38BDB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2A97DB56-E2B4-967C-AF9F-07FDF74289C2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2CC16CBF-57CB-425A-907D-ABE18223FE62} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2D99FD34-F395-DFB0-0852-36D4976F6E3D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3684B1D1-C737-AA3A-00B8-83FE7FF3C058} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3D1F3C37-49CA-66D3-9877-04375ADE521D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3F15B481-32E2-FE85-96FA-A8976289B4FD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FBFBE36-BC17-CAB4-CA0B-1F18DD30B292} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{50B9D537-5DB0-52B1-FF6F-ED6C70DA477E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{52343DBF-CF46-B3EA-81BB-8A3DCB6B9A64} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5AF56848-9589-C8BE-DA68-602B3E69097E} -> Spyware.CoolWebSearch : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Linkbuddies : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Firefox\Profiles\e5g0q1mc.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Rizwan Shaikh\Application Data\Mozilla\Profiles\Usman Shaikh\3fudepa8.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1050030_3004_1592_6908_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1114802_2804_1608_3960_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\1901656_7860_1592_5848_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\2491638_7860_1592_5488_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\3080960_3004_1592_3136_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\3867162_3004_1592_4920_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\4326008_3060_1608_4560_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\721884_2856_1536_2964_75.41.tmp -> TrojanDownloader.Agent.tv : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\721884_2856_1536_2964_75.41.tmp1 -> Trojan.EliteBar.d : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\984180_2804_1608_7708_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\984264_3004_1592_4836_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\984380_2804_1608_1432_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\984572_3004_1592_8096_70.41.tmp -> Spyware.EliteBar : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\bkdflhnd.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\Del126.tmp -> TrojanDownloader.Small.asf : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\eokpgnmd.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\fefclpmd.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\iinstall.exe -> TrojanDownloader.IstBar.li : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\mY1SwJ.exe -> TrojanDownloader.IstBar.kp : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\nhonfkmd.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\oanmjdmd.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\optimize.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\res127.tmp -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\sBlZ5c.exe -> TrojanDownloader.IstBar.kp : Cleaned with backup
C:\Documents and Settings\Rizwan Shaikh\Local Settings\Temp\stealth.yopt -> Dialer.Generic : Cleaned with backup
C:\Program Files\Uxyn\Wzoqu.exe -> Trojan.Small.cy : Cleaned with backup
C:\WINDOWS\Active Setup Log.BAK:bbbpwd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addcd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\added32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\addet.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addgp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addjh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addmw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addoc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addoo.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addpr32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addqe32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addqs32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\adduj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\addvl.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addww.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\aeqwx.dat:llsiae -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\alibq.txt:decnug -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\alibq.txt:ethqyi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\alibq.txt:soixx -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\alxky.log:pxdewe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\amzsz.dat:kirkve -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\aoyuv.dat:attolr -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\aoyuv.dat:wuzvat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiav32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apicp32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apidu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiev32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apifb.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apifj32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apigr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apilf.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apimw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apiof.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apiqv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apivg.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiyg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apiyn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apizr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\appag.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appbu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appbz.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appce.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\appcj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appea.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appkf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\appkv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appln.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\applz.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appoo32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\appop32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apppj32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apppz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appsl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appub32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appuo32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Ascd_tmp.ini:fnkbas -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Ascd_tmp.ini:hlidyc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\asmel.dat:djkxxo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\asmel.dat:yclqfk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\asmel.dat:zusobp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlab.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlah32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlaw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlet.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlfn.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlgg32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlhb32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlhg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atliu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlld.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlly32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlmj32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlnw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlps.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlsr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlst.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlvr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlvx32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlwi32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlyw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\aueoa.txt:ioazck -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\awemj.dat:tytgox -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\axtcj.dat:hyojyp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\azqvy.txt:lzelrh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\azwrx.dat:ofemqu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\azwrx.dat:zlbian -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\bijgu.txt:gxsafo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bjihl.dat:ggwzse -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:dpwhcg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bootstat.dat:bjuork -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bootstat.dat:xndpuc -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\bqqna.txt:ulpwpe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bqquy.txt:oxscvi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bqquy.txt:vhhmxq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\bqquy.txt:vvaura -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bvkpw.log:yxdhps -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cejzt.dat:ukmulu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\cejzt.dat:zztiyl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cghmw.dat:gynxjx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\chipset.log:azpanj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\chipset.log:gotvyr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\chipset.log:rzmnsw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\chzgv.log:jocllq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\clock.avi:upjol -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cmaudio.ini:pgnwuq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cmaudio.ini:qfwveb -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\CMCDPLAY.INI:taafit -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\cmihi.log:ogyons -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cmijack.ini:xfmcp -> TrojanDownloader.Agent.oq : Cleaned with backup

mike_jones

This is part 2:

C:\WINDOWS\Coffee Bean.bmp:cfewwb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:hhrbhu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:wpogbl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\comsetup.log:fqmzh -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\comsetup.log:oecwfg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\comsetup.log:rthomm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\control.ini:ppzldv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\control.ini:zibhje -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\corrh.log:ufobye -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cpvqf.log:hfvkzj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crdv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crga32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crge.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crgg.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crgk32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crhf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crik.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crkc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crkd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crnx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\croc32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crqc.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crrq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crsi.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crtr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crua32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crvv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crwg.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cryn32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\cscke.log:ljtxkt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cscke.log:ubugvh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cslot.txt:ttnigk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ctdnl.txt:dkecme -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ctwck.log:fjkogo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cuiiy.dat:kuzthw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cuiiy.dat:uivgwo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cvdjd.txt:jmlamj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3ce32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3du32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3dx.dat:yquelv -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\d3hl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3hw.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3ie32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3ix.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3jb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3km.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3po.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3ri32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3sr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3st32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3tb.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3va.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3zc.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\daaup.log:xkduiy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dbdik.txt:byolks -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dbdik.txt:mintrq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\desktop.ini:lvmmrr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\desktop.ini:pozmoe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\desktop.ini:rfegsf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\desktop.ini:tvpylk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dhblr.log:oeqbhp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DirectX.log:cnkyjz -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\DirectX.log:qeizd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\DirectX.log:tnaous -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DirectX.log:txftxr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DirectX.log:xjyytb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dlhsw.txt:gejgka -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dlhsw.txt:tygqmu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dnuqo.txt:itxesl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dnuqo.txt:kfxlvp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\dnuqo.txt:mwhlnn -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\dofmp.txt:edofyt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dofmp.txt:ewfrlu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\dofmp.txt:hosrip -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dofmp.txt:szenwr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dofmp.txt:zlfgxy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gdnCA2204.exe -> TrojanDownloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gdnCA2204.exe -> TrojanDownloader.Small.ayl : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.PornWare.PopCap.b : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\v3.dll -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\dpvyc.log:lzzege -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dpxxh.dat:kaotyb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\DtcInstall.log:buhjuw -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\egquk.log:ugexu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\egzzd.log:lywhfm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\elpfx.dat:gxtobp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\esmso.dat:zxetva -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ewfrl.txt:fclyzq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\explorer.scf:loluwd -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\explorer.scf:pehlad -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\exyzr.txt:belxjw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\exyzr.txt:xbqgqd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\exyzr.txt:xdddcb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\FaxSetup.log:exyzrc -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\fclyz.log:ufdcdy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fipag.dat:tonqqq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fipag.dat:zwtsht -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fjolh.txt:mpfvsa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fuxgp.txt:mvaors -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fuxgp.txt:ommrar -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fuxgp.txt:zqzewr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:hnwxub -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:lbpeyf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:pcitso -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Gone Fishing.bmp:srsjrb -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\grqhm.txt:ihlnvi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gtusq.dat:hnmydz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gwjua.txt:aofdxj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\gwjua.txt:mopmxm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gwjua.txt:uvmchx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gxtob.log:nyfjon -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hdcex.txt:iffrmr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hdlku.txt:badaxs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hdlku.txt:epirzx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hdlku.txt:mpryxu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hdlku.txt:nneica -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hjbqg.log:fzqxrx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hlfru.txt:blgbzj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hlfru.txt:foxnek -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hoqeb.log:epklze -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\hpbvnstp.bu1:aokhfj -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\hpbvnstp.bu1:umygbu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hpbvnstp.hi1:bgqwgu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\hpbvnstp.hi1:sxmyje -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\hpbvspst.bu1:mnjlww -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hpbvspst.hi1:uvyayq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hplj1010.bu1:mwrnas -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hplj1010.hi1:bvvfdr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hplj1010.hi1:qqryic -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hplj1010.his:ottulk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hplj1010.his:sefech -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hplj1010.ini:jrclce -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hplj1010.ini:wsqdxk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hprqa.txt:tvnkxb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hqfno.txt:gudhfu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hralj.dat:lxyjws -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hralj.dat:ptaqru -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\htwju.dat:httvlf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\htwju.dat:iiggdg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\htwju.dat:qwjipc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\htwju.dat:yvwnhw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieas.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ieav.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iecp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iecx32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieea32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iefe.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iefy.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iehu.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ieog.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ieph.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ieqm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ietm32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ieua32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ieui32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iexu32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ieyt32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iezm.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iezo.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iezu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ifqbd.txt:amatal -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ifqbd.txt:dfuwza -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ifqbd.txt:jpuvrm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ifqbd.txt:wdjbsu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\igboc.dat:qmyrbf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ihltm.log:bqnalw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ihltm.log:jnjwdi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ihltm.log:tnlycv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ihtps.log:mqfjlf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ihtps.log:vgmjtk -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ihybo.dat:nutwsy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ihybo.dat:soerfh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iis6.log:ewmcpi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iis6.log:fcllxn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iis6.log:nvybt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iis6.log:uoulaz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\imsins.BAK:erxofq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ingic.dat:hqfnod -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ingic.dat:ycvqrx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipaga.dat:xsqtha -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipcc.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipdm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipfi.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ipge.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipgs32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iphs32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipjz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipke32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipno.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipsf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iptv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ipul32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipwk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipyj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\irblg.txt:azizgr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\irkhd.txt:bgrvkc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\itipn.dat:arqtrn -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\itipn.dat:sztnat -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\itxes.dat:uhkamm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\izadt.log:lamsce -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javacm.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javaeh32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javafd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javafq.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javags.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javajd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javamu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javamy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javaqy.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javarf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javarp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javauf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javaur32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaxd32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javazq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jaxtq.txt:jlnske -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jbmnh.txt:umfymh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jdvwb.dat:csnwpc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\jdvwb.dat:miuogw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jlpbu.dat:gsgoty -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jlpbu.dat:mmqlgr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\jogpd.dat:rkynue -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\juikm.log:iuyxpt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB823559.log:bvrdre -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\KB835732.log:twjilg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\KB887472.log:aaalyt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kfvxn.log:kzvkfv -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\kfvxn.log:liqwyv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kgske.txt:kuomyj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\khuqq.txt:ctsxdk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\khuqq.txt:grtddw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\khyuw.dat:zqkpzi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kjyed.txt:ywbmp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\kmtnv.dat:rjvucs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\krzfa.dat:ykeqxh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kuyie.txt:gilgwx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kuyie.txt:ppahkw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kzgds.txt:jbqyew -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kzgds.txt:qkwvsj -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\lgzfg.txt:cgwngw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ltcur.log:dfpdat -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\luazq.dat:ihsneg -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\luazq.dat:uhosih -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\lvazh.dat:zidlya -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\lvtcr.log:wgiide -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\lvtcr.log:wkorwi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mamtp.txt:ghrodw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mamtp.txt:mipmgo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcbi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcbl32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mfccb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcdu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcdy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcim32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcjd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfclz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcnn32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mfcss.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcuz32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mfcvt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcxs32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcxy32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mghps.log:hymzcp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mhhoo.txt:fjhsiz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mipmg.dat:zzeewz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mixerdef.ini:yotdpj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mktrl.log:enwoye -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mktrl.log:rxlfjg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mktrl.log:yhjtfh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mmyhh.txt:ocyrlb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\morphexe.INI:iiedoj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\morphexe.INI:oqiarn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mozver.dat:hrtzrh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mozver.dat:kfgcsg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mozver.dat:vlnhgn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mpfvs.dat:gdqwfl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mqfjl.txt:omfmix -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msat.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mscb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mscv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msdfmap.ini:fnafwb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msdfmap.ini:gavwma -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msdfmap.ini:yhirei -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msef32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msey.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msfc.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msgr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msgsocm.log:asmelk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msgsocm.log:bjxijt -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\msgsocm.log:gitolx -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\msgsocm.log:qnxpwb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msgsocm.log:romrsu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\msip32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msjk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mslg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msmqinst.log:pcsmfa -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msmqinst.log:wbrrow -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mspn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mspp32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msuw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mswf32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msyg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mszj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mtgva.dat:ybnbpl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\muzmz.log:jibeyk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mwhln.dat:aoqvyl -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\mwhln.dat:hftrve -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mwhln.dat:jakjwp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mwhln.dat:ktxjnu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mwhln.dat:msalkn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\myjme.dat:bbdpqz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\neevk.txt:essrmx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\neevk.txt:umxrry -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\neevk.txt:zglepo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\NeroDigital.ini:lsbpmw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netbx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\neteu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netgt32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netou32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netpu.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\netscape.INI:byjbtg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netscape.INI:cfppiz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netscape.INI:iclrhl -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\netscape.INI:ynskqd -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\netsy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netvd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ngxbr.log:bjlkav -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ngxbr.log:mmpwti -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ngxbr.log:ucwusc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nhaet.txt:iungtk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nhaet.txt:ppujlw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nizzz.log:hqnooy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nizzz.log:vgaukj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nsreg.dat:aixbij -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nsreg.dat:nhtaeu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ntdc.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntdf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntdtcsetup.log:gnzxpu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntdtcsetup.log:qupekd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntdtcsetup.log:uzbgnq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ntep32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntfc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntfx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\nthp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntjm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntka32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntkq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntma.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntnb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntqd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntqf32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntuh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntul32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntww.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntyk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntzf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntzj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntzu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_bclrou.txt:zoscsf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_bclrou.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_cxcqrw.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_dmbzgz.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_fqnfbe.txt:sixeju -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_fqnfbe.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_gatsmy.dat:ddcab -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ghxnjo.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_glpjov.log:djislf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_glpjov.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_gufffj.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hnobjn.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_iflghp.txt:offkx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_iflghp.txt:vkaxfh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_irmqzc.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_jpkdxp.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_jqoymr.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_jrfljy.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_kebqmu.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_kljypq.log:uxquvg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_kljypq.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_kqxtjf.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_krxhag.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_kvhcpq.dat:myiixi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_kvhcpq.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_lqwrqf.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_lzexhu.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_mdkwto.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_mvjpxs.txt:lvrpyq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_mvjpxs.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_nltodj.log:erpwkq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\n_nltodj.log:utmpgi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_nltodj.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_oakgjd.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_oeipfo.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_opqxhy.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ppojhd.dat:ytipom -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_ppojhd.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_qcguri.log:bijguh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_qcguri.log:wemsky -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_qcguri.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_qsgrwy.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_quovmx.log:jgpycn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_quovmx.log:rmavio -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_quovmx.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_rlvnub.log:ofexnj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_rlvnub.log:uactxj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_rlvnub.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_spfbiu.log:hbvdin -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_spfbiu.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ssguaf.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_szrkds.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_tbvizm.txt:zcojlx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_tbvizm.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_umrray.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_uygqbu.log:tubakr -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\n_uygqbu.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_vbdkwx.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_vzoadq.log:jdzwfz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_vzoadq.log:suvkat -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_vzoadq.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_wbdioi.dat:tfsgtq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_wbdioi.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_wcogmp.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_wqqyfa.dat:yuqcbr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_wqqyfa.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_wwzdpm.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_xmesso.txt:lgkmva -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_xmesso.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_xmlaap.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_xspgzm.log:qvihwb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_xspgzm.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_xwtmmv.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ynqpgi.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_yppyfa.log:hqayfn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_yppyfa.log:nzavxt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_yppyfa.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ypqnhw.log:kmeeht -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_ypqnhw.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_zewvnn.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_zlawhi.log -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ztlyqb.dat:fasasd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ztlyqb.dat -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oagqy.log:dexrbd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oagqy.log:oydolv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ocgen.log:atfvuy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ocmsn.log:eeulvz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ococm.dat:vitvj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:mspolk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:qstfts -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:xqqsjw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\OEWABLog.txt:hsgmyr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\OEWABLog.txt:ofmyxj -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\OEWABLog.txt:vekgfn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\oiwmk.txt:pqjfdy -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\olxap.log:fbenf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pbavc.dat:ysqxpj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pkzrk.dat:rcbcsj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pkzrk.dat:strrab -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\PowerReg.dat:ffdlax -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\ppahk.log:rdjexc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Prairie Wind.bmp:ohzmkv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Prairie Wind.bmp:tihzj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Prairie Wind.bmp:wtjgmo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\pxdew.log:udnmpw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pxwma.dll -> Spyware.Webdir : Cleaned with backup
C:\WINDOWS\pywli.txt:hassef -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pywli.txt:jebrrf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Q312370.log:hjzrov -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Q312370.log:ismlvu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Q312370.log:pktoex -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Q312370.log:rqsybq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Q312370.log:yfqcut -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Q817606.log:pytphe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qdbjb.dat:izmdbo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\qfoxg.log:hdeuga -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\qfwve.dat:dbdikh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qggew.dat:ococma -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qgsns.txt:rgipod -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\qmwli.txt:wdzltu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qndmw.dat:gdhhgk -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\qqryi.dat:pxcesx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qufxi.log:hjhygz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\qufxi.log:zxvjui -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\qvihw.txt:hfkdpg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\qztgz.log:tdmxfk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rbpgs.txt:zcaeic -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rctnh.dat:leedzm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rctnh.dat:qnsook -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\REGLOCS.OLD:btwqpe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\regopt.log:bcxjho -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\regopt.log:onfzzs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\regopt.log:qmebyp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\regopt.log:xniiqk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rgipo.txt:fzxkgh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rgipo.txt:ioltim -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Rhododendron.bmp:wktkf -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:duvrtj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:hoqebc -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:tupdjp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\River Sumida.bmp:udiobq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rleve.dat:xahpir -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rnhxy.log:ggvjrn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\romrs.log:qgsnsu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\rotmr.log:kuolpq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rpbpf.log:vvoent -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\rpbpf.log:zhoplp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ruvou.log:ygnlct -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rvctm.dat:duzqrs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\rzmns.log:rhzufa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Santa Fe Stucco.bmp:qyyqee -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sbeic.log:ficzyf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sbeic.log:iwhzpy -> Trojan.Agent.bi : Cleaned with backup

mike_jones

This is part 3:


C:\WINDOWS\SchedLgU.Txt:taoott -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkaq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkhl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkig.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkjq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkmf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkmg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkmp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkpb.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkra32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdktk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdktr.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkup32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkxv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkya.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkys32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkzn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkzv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkzy32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\setup.iss:jjpexs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setup.iss:jpeikl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setupapi.log:cbvrfv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setupapi.log:fwaqzg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setupapi.log:vaduhq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:bixnmn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:bkijru -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:hqrrlx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setupapi.log.0.old:ysfgta -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setuplog.txt:krlezd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setuplog.txt:llpnuk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setuplog.txt:nboaca -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\setuplog.txt:sedst -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\setuplog.txt:ucnezg -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\setuplog.txt:udlhip -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\setuplog.txt:xxswuq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sifqb.log:qxdjwa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\siyhv.log:hjbqgi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:clzmgo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:ljyupz -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:neevkr -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:rrbxfi -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Soap Bubbles.bmp:zktdak -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\Sti_Trace.log:cswjto -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Sti_Trace.log:ihyboa -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\Sti_Trace.log:rbkeqm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sucpc.dat:dlhswu -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\sudbf.txt:kcdjkx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sudbf.txt:yookrj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\svhcr.log:vtdycu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysbc.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\syscf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysee32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysff32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\syshw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysjn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysjo32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\syskz32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysmk.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysob32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sysof32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sysph32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysso32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\systb32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system.ini:bpjygt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system.ini:nuwdwf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addau32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\addec32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addeo.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\addgx32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addig32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addjl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addjp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addli.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addog.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addph.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addqc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\addtd32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apiav32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apibc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apicf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apies32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apifc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apifr32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apiil32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apika32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apike.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apikh.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apina32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apinl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apiop.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apirt32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\apirt32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apivq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apiyk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appcd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appcg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appdf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appfg.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appmv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appov.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appps32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appry32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appsc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appsw.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appuq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appus.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appvn32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appvz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appwf32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\appwt.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\appxp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\atlbx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlca.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\atlgf.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\atlhg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlhp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\atljd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlkw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlnn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\atlsd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\atlvg.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\atlvg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlyu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlzo32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ccapp.exe -> Spyware.Chiem : Cleaned with backup
C:\WINDOWS\system32\crcq.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crcx.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\crea.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crfg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crhl32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\crjc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crnw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crqv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crrf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crwx.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\crxa.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3ak32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3cj32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3gk.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3hh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3hr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3ic.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3if.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3jl32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3mv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3nd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3oj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3ol32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3ot32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3pb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3pf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3rk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3tt.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\d3ud.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3vj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3vp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieay.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\iebb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iedt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iedw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iedx.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\iehl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iehx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieiq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\iejb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\iemj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ienb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ienz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieog.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\iexx.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ieyx32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\iezz.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipbe32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipbh32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipde32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipet32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\iphr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipiq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipjk32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipkd32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipkk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipks.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\iplt32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipnz.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipoi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipok.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipot.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ippa32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ippp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ippw.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipsq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipui32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipuj32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\iput32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ipws32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipxx.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ipzv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javacm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javaec.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javafx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javaht.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javaib.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javajv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javali32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javalv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javany32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javaod.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javaqq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javart.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\javauk.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\javazg.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javazi32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\javazn32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\maxd1.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\system32\mfcag.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfces.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcgr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcik.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mfciq.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mfcji.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mfcnd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mfcoo32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcqc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mfcrt32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mfcsl.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mfctd.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mfcub.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcvs32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mfcwp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcyn.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mfcyu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msbi32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msci.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mscn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\mseb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\msfd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\msgy32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msjg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msjh32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msmv.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msmx.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msof32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msow.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msra32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msrn.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\mstj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msua.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msuf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msxe32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\msyy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\navshext.dll -> Spyware.Chiem : Cleaned with backup
C:\WINDOWS\system32\netap.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netbf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netct32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netdh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netdz32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netft.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netib32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netir32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netix32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netkc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netkt32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netnt.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netob32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netpi.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netrb32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netri.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\nettd.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netxq.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\netzc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntaw32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\nthy32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ntjq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntkl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\ntrc.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ntsv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\nttb.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\nttn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ntyb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkad.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkad.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkbk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sdkbn.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkcy.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sdkdg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkej.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkfd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sdkha.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sdkmj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdknp32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkps.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkqo.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkqy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkrh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkrk32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdktw32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sdkwc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkzd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\syscb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysch.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\syseo.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysgb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysje.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sysmc.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysmf32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysmq32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysms32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sysoi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysol32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysrg32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sysrj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysub32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysur.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysut32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysvd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysvt.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\sysvu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\syswi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ustart.exe -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\system32\winbp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\wincg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winch.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\wincl.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\windr32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winim.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\winiy.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winkz32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\system32\winld32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winqi32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winqt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winsm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winsn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winuu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winxp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winys32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysuu32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\syswh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysyv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\tazzm.log:raauop -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\tcqjz.dat:nsbnop -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\teijq.dat:ktlzia -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tiezy.dat:gtusqs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tpvmz.dat:tmgcdu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\tpvmz.dat:ymmxkc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\tr.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\tsoc.log:kfvxnh -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ttogx.dat:fpypci -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\tvpog.txt:rjpmxd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ugmyp.dat:mnyhgx -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\uhkba.log:kkirro -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ulzmz.log:clswuq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\upcommv8.mtx:hzhqce -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\upcommv8.mtx:plougr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\upcommv8.mtx:xqicek -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\upehs.txt:upulid -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\uvvkv.dat:alzabb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\uxrky.txt:esryqu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vasxv.dat:kuckew -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vb.ini:puokli -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vb.ini:subcmw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vbaddin.ini:dfocpk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vbaddin.ini:rhtpdl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vbaddin.ini:xtjeke -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vbwne.dat:dvmqhh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vduqe.txt:tghltc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vduqe.txt:ytskov -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vekgf.txt:hvhxfs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vewpp.log:jimcxv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vocmd.log:kkrgee -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vocmd.log:vghqru -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vonei.dat:qucpqx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vpyzj.txt:dlklyg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vpyzj.txt:nhaete -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vqhkb.dat:lqjdel -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vtdyc.txt:tqqiqv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vwidn.dat:buvuki -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\vwidn.dat:fddekd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vwidn.dat:veugxc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vwidn.dat:yyuitf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vzhqv.txt:zjdojl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wachr.dat:erbiyv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wachr.dat:fycvzv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wachr.dat:yrvhjd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wbbnb.log:qzfnwh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wcwfo.dat:yyuitf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\webdk.log:cqroih -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\whqtb.log:rjotdn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\whqtb.log:vjdeyc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wiaservc.log:cgsrqa -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\win.ini:njwjsm -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\win.ini:sbvria -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\win.ini:xevsen -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\winamp.ini:htkjyi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winamp.ini:iysejk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winamp.ini:kyofgf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Windows Update.log:gkbagb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Windows Update.log:uglwkc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\windt.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winez32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winhh.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winif32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winjx32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winnt.bmp:czzkap -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\winnt.bmp:ylufim -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winnt.bmp:zucwbt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winqh32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winrm32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winuv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wiycm.dat:lhucqm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wjbjk.dat:fbvdok -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wjbjk.dat:rvnbvv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wlhlz.txt:vqvxnk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wlhlz.txt:whfhsp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wlmdr.txt:ycojiu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wmsetup10.log:fjolhn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WMSysPr9.prx:oaxumz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WMSysPrx.prx:jfwtit -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WMSysPrx.prx:sbjfku -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WMSysPrx.prx:znoylu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wxnfb.dat:cggyke -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\wxnfb.dat:jekmlm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wxnfb.dat:koglfx -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\wyake.dat:sorfyn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xahpi.log:gbfcnc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xdrnz.dat:jtpuer -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\xdrnz.dat:lewfot -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xdrnz.dat:zttbzs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xgkaw.dat:tsofta -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xgmsl.dat:kpjkaq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\xgmsl.dat:ycxphn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\xnyiv.txt:ltzsvk -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\xpbsu.dat:cfvanw -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\xpbsu.dat:julobc -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\xsiyc.log:kmtwzi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xwxhm.log:hajxtc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\xwxhm.log:ilrlgh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ybzjq.dat:abbdom -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ybzjq.dat:amkzas -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\yehdw.txt:dnmcbl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yjhua.txt:tnuecu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ynskq.log:dhdtxy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ynskq.log:pssbtp -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ynskq.log:yzpoag -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ypned.log:hmziwk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\yquel.dat:evmbsz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\yquel.dat:iskhna -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yrrqn.txt:anrvqv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\yvffq.dat:sncasf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yxrwv.dat:jzcjj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\yzebm.log:phfynr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:scarqz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:tqjzsk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:xwxhmk -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\zcaei.dat:tlfcfi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zddnb.dat:irkhdn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zddnb.dat:qaitvq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\zglep.log:mmyhhs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\zhsmo.log:iixlib -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\zhsmo.log:wiwyri -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\zlfgx.txt:asunxq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zlfgx.txt:kdswsj -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\zlfgx.txt:ongpoh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zmtby.dat:lfwbtq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\znqum.log:kcoohv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zqkpz.dat:hozdir -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ztamw.txt:ddyucx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ztamw.txt:yrrqnu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\zucwb.txt:zhrilu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:aaexem -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:aakckv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:ahmteq -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:akdknf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:aojnoh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:ashell -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:asmbzc -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:axabep -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:axtcjh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:axvjbj -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:azgryw -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:bdnuqe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bdpewc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bfesqu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bfpuxn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bgtlvm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bmbavn -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:bmdhjc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bmqbxi -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:bpfvli -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:btvsyf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:buitoz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:bxozui -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:byoeoh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:capcax -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:cckdcx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:cgojmx -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:cmurvv -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:colbjz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:corwyd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:cslotw -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:ctwcki -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:cyjdda -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:daywpn -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:dgskaw -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:dhblrc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:dkaaxd -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:dnuqoi -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:dofmpm -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:dspuhx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:dtsrvz -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:duotxr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:dwcnkm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:dwxytk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:dxvzhj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:dzkuxa -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:eavmtm -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:ecezut -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:eeclvn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:egplnp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:erdczn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:esuywp -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\_default.pif:exyzrc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:eyqipg -> Trojan.Agent.bi : Cleaned with backup


::Report End

Crunchie

Can you please do the following.

===============

When we're done cleaning off your system, I'd recommend that you install all the critical windows updates available from Microsoft, up to service pack 1. This will help to make your system more secure and prevent many 'problems' from reoccurring in the future.

===============

Run HiJackThis, click "Scan", then check(tick) the following, if present:


R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.myseachexplorer.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.myseachexplorer.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.myseachexplorer.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myseachexplorer.com/sp2.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ljrzw.dll/sp.html#10001

R3 - Default URLSearchHook is missing

F3 - REG:win.ini: run=C:\WINDOWS\System32\svc.exe

O4 - HKLM\..\Run: [Ercpkv] C:\Program Files\Uxyn\Wzoqu.exe
O4 - HKLM\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn320.exe rundll.dll,LoadMouseProfile
O4 - HKCU\..\Run: [KernelCheck] C:\WINDOWS\System32\m00.exe

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5071F29E-AFC7-4217-975B-436C74D8D875} - (no file) (HKCU)

O13 - WWW. Prefix: http://

O16 - DPF: {11111111-1111-1111-1111-111111111111} -


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders:

folders...

C:\Program Files\Uxyn
C:\Program Files\PartyPoker

files...

C:\WINDOWS\system32\ljrzw.dll
C:\WINDOWS\System32\svc.exe
C:\WINDOWS\System32\m00.exe
C:\WINDOWS\System32\popcorn320.exe

-

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode".

-

Reboot.

===============

To help protect your system from hostile ActiveX content, or special 'downloadable' files:

Download, install and keep updated, SpywareBlaster. If you've installed it for the first time:

1) Check for any available updates; if present, they'll be automatically downloaded and installed.
2) Next, "Enable all protection".
3) Exit the program.

-

Note: Remember to regularly check for updates.

===============

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

mike_jones

Hello

I ran HiJackThis and fixed all the files that I had to check mark. I deleted all the folders and files I had to. I rebooted my computer and ran IE, and now the homepage address is: about:blank. The homepage is still a blank white screen.
After doing all this, my new HiJackThis logfile is this:

Logfile of HijackThis v1.99.1
Scan saved at 11:23:08 PM, on 10/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\taskmgr.exe
C:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.ca"); (C:\Program Files\Netscape\Users\usman_shaikh\prefs.js)
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [PCI TV Card Remote Control Applet] C:\WINDOWS\713xRMT.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
O4 - Startup: Athan.lnk = C:\Program Files\Athan\Athan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://quartz.atkinson.yorku.ca/qp2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://sympatico.zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartFinder Uninstall (SmartFinder_Uninstall) - Unknown owner - C:\Documents and Settings\Rizwan Shaikh\Desktop\SFUninstaller.exe" service (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

Crunchie

I am no longer seeing signs of infection in your log. Have you tried resetting your home page manually?
Right click on the IE icon on the desktop and go to properties. You should now see an option to set your home page. When done, hit the apply button and OK out.
Let me know how you get on.

shaikhusman

Hello

I've set my homepage up and everything is working just fine. My homepage starts up normally everytime I start up my IE. I wanted to thank you for everything you've done, it probably took a lot of time and effort. Once again, thank you for everything.

Crunchie

No worries .

Now that your PC is clean you need to follow these easy steps to keeping it this way:

Secure your Internet Explorer by going here and following the instructions there.

Better yet, use an alternative browser! Download FireFox and give it a run. It is far more secure than Internet Explorer. Or, you can get Opera which in my opinion, is better still.

Use a firewall to help prevent your PC's control being usurped by undesireables. There is a link to a good, free firewall in my signature.

Install and keep updated, Ad-Aware SE, and Spybot S&D.
Run them both on a regular basis, following the manufacturer's recommendations.

Install an anti-virus. There are some good, free AV's available today. Make sure that it is updated regularly and have it scan your system often.

Check for Windows Updates. Microsoft regularly post updates for your systems safe running. Make sure to take advantage of this. Reboot when installed and return to make sure there are no others.


Clear your Temp folders.
Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.
Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.

Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)

C:\Documents and Settings\username\Local Settings\Temp\

In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.

Empty the Recycle Bin.

For XP users.
After something like this it is a good idea to Flush the Restore Points and start fresh.
To flush the XP system Restore Points.

Go to Start>Run and type msconfig. Press enter.

When msconfig opens, click the Launch System Restore Button.
On the next page, click the System Restore Settings link on the left.

Check the box labelled 'Turn off System restore'.

Reboot. Go back in and Turn System Restore Back on. A new Restore Point will be created.

Note that all previous restore points will be lost.

===============

If you have any more problems, post back.

-

Happy surfing,

crunchie.

mike_jones

Hello

Thanks for all the advice, I really appreciate it. Thanks for everything you've done.

Crunchie

You are welcome .

This thread is now closed. If you need it reopened, please send a PM to one of our Mods.

Include the link to the thread and detail why you need it reopened.

If this is not your thread please start a New Topic.