wineula help

Unknown

here what i have on my hijack log pleas ehelp if you can




Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\rsktmy.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 7 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O2 - BHO: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} - (no file)
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll (file missing)
O3 - Toolbar: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Program Files\RXToolBar\RXToolBar.dll (file missing)
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll (file missing)
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [*eulautil] C:\WINDOWS\addins\eulautil.exe
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [qwlofeh] C:\WINDOWS\System32\rsktmy.exe r
O4 - HKCU\..\Run: [DriverLoad] c:\DriverLoad\dl.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c10.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9EAC0186-5F5A-4362-B120-15C312CE012D} - http://www.awmdabest.com/cabl/369/tb.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=1041
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
O20 - Winlogon Notify: wineula - C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Rawe

Hello and welcome to Short-Media..
Please download the latest version of Ad-Aware from HERE (if you already have Ad-Aware installed, make sure that it is the latest version 1.0.6)

If it's NOT the version 1.0.6, can you then uninstall your current version/delete folder: C:\Program Files\Lavasoft & empty recycle bin. Finally install the latest version.

Download Lavasoft's VX2 Cleaner plug-in HERE

• Install the VX2 Cleaner
• Start Ad-Aware SE
• Go to "Plug-ins"
• Select the VX2 Cleaner plug-in and click "Run Tool" (Before running the VX2 Cleaner, make sure other anti-virus or anti-spyware applications are closed.)
• Click "OK" when asked if you want to execute this tool.
• If your computer isn't infected, click "Close".

If your computer is infected;

• Select "Clean"
• Reboot your system.
• Scan your computer with Ad-Aware:
  
  Set up the Configurations as follows:
  • Click the Gear wheel at the top of the Ad-Aware window
  • Click General > Safety & Settings: Check (Green) all three.
  • Click Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
  3. Click on "Proceed"
  4. Click on "Scan Now"
  5. Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
  6. Select "Search for low-risk threats"
  7. Run the scanner using the Full Scan (Perform full system scan) mode.
  8. When the scan has completed, select Next.
  9. In the Scanning Results window, select the "Scan Summary" tab.
  10. Check the box next to every "target family" for removal.
  11. Click "Next", Click "OK".
  
  
• Reboot your computer again
• Run a second scan (With Ad-aware & VX2 Cleaner) to make sure the files have been removed from your computer

Post a fresh HiJackThis log to this thread once done (Please post the new log COMPLETELY, with the header)

mav0101

Logfile of HijackThis v1.99.1
Scan saved at 9:53:50 AM, on 11/8/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ghmd.exe
C:\WINDOWS\ghmd.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\DriverLoad\dl.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 8 for hijackthis.zip\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} - (no file)
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll (file missing)
O3 - Toolbar: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll (file missing)
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [*eulautil] C:\WINDOWS\addins\eulautil.exe
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [DriverLoad] c:\DriverLoad\dl.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c10.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9EAC0186-5F5A-4362-B120-15C312CE012D} - http://www.awmdabest.com/cabl/369/tb.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O20 - Winlogon Notify: wineula - C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

this is the new one after running both adaware 3 times and vx2 cleaner

Rawe

Hello..

That's much better, good job. Some cleaning is left though, you have couple of infections there.

Please print these instructions out, or write them down, as you can't read them during the fix.

First;

Please download Ewido Security Suite it is a free version of the program.

1. Install Ewido Security Suite
2. When installing, under "Additional Options" uncheck..
   • Install background guard
   • Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double-click it.
4. The program will now open to the main screen.
5. When you run Ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
   
6. You will need to update Ewido to the latest definition files.
   • On the left hand side of the main screen click update.
   • Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed.
   (the status bar at the bottom will display "Update successful")
8. Exit Ewido. DO NOT run a scan yet.

If you are having problems with the updater, you can use this link to manually update Ewido.
Ewido manual updates

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

Now open Ewido and do a scan of your system.

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• Clean anything it finds.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop or a location where you can find it easily.

Close Ewido.

Reboot normally into Windows.

• Open HiJackThis
• Click on the configure button on the bottom right
• Click on the tab "Misc Tools"
• Click on the Box that says "Uninstall Manager"
• Click on the button "Save list"
• Copy and paste the List from the notebook onto your post along with the Ewido Log.

mav0101

ok here we go didnt know all this stuff could hide in there good god


DivX
DivX Player
eAcceleration
ewido security suite
Gaim (remove only)
Google Toolbar for Internet Explorer
GTK+ Runtime 2.6.9 rev a (remove only)
HijackThis 1.99.1
HomePage&Toolbar Guard
HydraVision
InetDctr
InterActual Player
Internet Explorer Q832894
J2SE Runtime Environment 5.0 Update 2
Java 2 Runtime Environment, SE v1.4.2
Kazaa 3.0
Kazaa Lite K++ v2.4.2
Lavasoft VX2 Cleaner
Learn2 Player (Uninstall Only)
LimeWire 4.8.0
LiveReg (Symantec Corporation)
LucasArts' Star Wars Rebellion
Macromedia Flash Player 8
Macromedia Shockwave Player
Mah Jong Jade Expedition (remove only)
Medal of Honor Allied Assault
Messageware Plus Pack Base Component
Messageware Plus Pack Spell Check Component
Mozilla Firefox (1.0.7)
MSN Messenger 7.0
Norton AntiVirus 2003
Outlook Express Update Q330994
P2P Networking
QuickTime
RPG Maker 2000 1.07b
RTP for RM2K (Png, Wav, Midi, Fonts)
Sacred Underworld
Shockwave
Sound Blaster Live!
Spybot - Search & Destroy 1.2
Star Wars Galactic Battlegrounds
Star Wars Galactic Battlegrounds: Clone Campaigns
Star Wars Galaxies
Star Wars Galaxies: Jump To Lightspeed
Starcraft
Steam
Stronghold
SysSnap
TeamSpeak 2 RC2
The Best Offers
Unreal Tournament
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WildTangent Multiplayer Library
Windows Media Player Hotfix [See wm828026 for more information]
Windows XP Hotfix - KB282010
Windows XP Hotfix - KB820291
Windows XP Hotfix - KB821253
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB823980
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB824146
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB828028
Windows XP Hotfix - KB828035
Windows XP Hotfix (SP2) [See Q329048 for more information]
Windows XP Hotfix (SP2) [See Q329115 for more information]
Windows XP Hotfix (SP2) [See Q329390 for more information]
Windows XP Hotfix (SP2) [See Q329834 for more information]
Windows XP Hotfix (SP2) Q322011
Windows XP Hotfix (SP2) Q327979
Windows XP Hotfix (SP2) Q328310
Windows XP Hotfix (SP2) Q329170
Windows XP Hotfix (SP2) Q329441
Windows XP Hotfix (SP2) Q331953
Windows XP Hotfix (SP2) Q810565
Windows XP Hotfix (SP2) Q810577
Windows XP Hotfix (SP2) Q810833
Windows XP Hotfix (SP2) Q811493
Windows XP Hotfix (SP2) Q814033
Windows XP Hotfix (SP2) Q814995
Windows XP Hotfix (SP2) Q815021
Windows XP Hotfix (SP2) Q817287
Windows XP Hotfix (SP2) Q817606
Windows XP Hotfix (SP2) Q819696
WinFixer 2005 1.0.18.2
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar

hijack unistall list

mav0101

---

ewido security suite - Scan report

---

+ Created on: 2:01:37 PM, 11/8/2005
+ Report-Checksum: 6246E2EA

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF} -> TrojanDownloader.WebP2P : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\TypeLib\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38D4D5D0-423E-4220-B6F9-30918C2AE4A4} -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A0269420-A638-4509-889C-8FC3CC85DA7E} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB}\TreatAs\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{1B540D44-3F61-4394-AE30-25FDC3649405}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{26C23254-9C6C-48D8-8BF4-E629104E8B36}\TypeLib\\ -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{5FF31463-6856-4604-BEE9-D84C92F60BA4}\TypeLib\\ -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C285D18D-43A2-4AEF-83FB-BF280E660A97} -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{CE9B37EC-D243-47A2-83DB-3A8350175193}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\TypeLib\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1 -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1 -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\RunMSC.Loader\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\RunMSC.Loader.1\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{D88DA98D-48BA-4116-96AB-77C38EAE487F} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID\\ -> TrojanDownloader.WebP2P : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1\CLSID\\ -> TrojanDownloader.WebP2P : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF} -> TrojanDownloader.WebP2P : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0269420-A638-4509-889C-8FC3CC85DA7E} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HDPlugin1101.dll\\.Owner -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HDPlugin1101.dll\\{DBAE7000-01EC-4162-8FEB-8A27AC937CA0} -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll\\.Owner -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll\\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PSD Tools ChannelUp -> Spyware.BuddyLinks : Cleaned with backup
HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1053 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4496 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1053 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1053 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1116 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1524 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1553 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1641 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-823518204-682003330-839522115-1004\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
[212] C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat -> Spyware.VirtuMonde : Cleaned with backup
[688] C:\WINDOWS\js128k.dll -> Trojan.Agent.fc : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

mav0101

:mozilla.234:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.272:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.273:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.276:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.279:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Mysearch : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Mysearch : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.345:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.347:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.391:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.392:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.560:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.620:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.724:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.752:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.781:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.789:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.790:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.791:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.792:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Matchcraft : Cleaned with backup
:mozilla.793:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.796:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Matchcraft : Cleaned with backup
:mozilla.825:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.826:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.827:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.828:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.836:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Matchcraft : Cleaned with backup
:mozilla.839:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.846:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.847:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.848:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.849:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.850:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.851:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.852:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.853:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.854:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.855:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.856:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.857:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.858:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.859:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.860:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
:mozilla.877:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.887:C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\o52f05ia.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-5a623378-3cc15270.class -> Trojan.Java.ClassLoader.f : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-7fb5dbb4-414856c0.class -> Trojan.Java.ClassLoader.f : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-35388218-48b01a05.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-59f6508d-1c014b22.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-645f4c2c-3971a038.class -> Trojan.ClassLoader.Dummy.d : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-727eaad7-7d813df4.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-73ac7130-2e469cee.class -> Trojan.ClassLoader.Dummy.a : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\GetAccess.class-4a318e62-446ed463.class -> Trojan.ClassLoader.c : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\InsecureClassLoader.class-38ec64f7-76d72728.class -> Not-A-Virus.Exploit.Java.Bytverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ok.class-50ac52d4-3ad46ac4.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ok.class-516d207f-41bcbbb8.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ok.class-6661719b-2dc02c5e.class -> Trojan.Nocheat : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-1ac02c55-4020c24d.class -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-305f4c99-1bf5e177.class -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-57601442-40106ac6.class -> Trojan.Byteverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-57601442-5f947641.class -> Trojan.Byteverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\WebCounter.class-3f707b18-504cc941.class -> Trojan.Java.Classloader.C : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\a.jar-43182502-1cf7fe86.zip/a.class -> Trojan.ClassLoader.b : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\a.jar-6bb41746-3ff0d773.zip/a.class -> Trojan.ClassLoader.b : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-13e49ae9-300ff84c.zip/Counter.class -> Not-A-Virus.Exploit.Bytverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-13e49ae9-300ff84c.zip/Gummy.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-34e2b6fd-71f45b7e.zip/Counter.class -> Not-A-Virus.Exploit.Bytverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-34e2b6fd-71f45b7e.zip/Gummy.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-3ae82c1c-5aee9650.zip/Counter.class -> Not-A-Virus.Exploit.Bytverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-3ae82c1c-5aee9650.zip/Gummy.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-586bddde-1206ef8c.zip/Counter.class -> Not-A-Virus.Exploit.Bytverify : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-586bddde-1206ef8c.zip/Gummy.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\Jonathan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jar-32ba6ee6-75677f77.zip/counter.class -> Trojan.ClassLoader.b : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\4 Brothers.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Absynth 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Access Denied 3.40.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Acronis Privacy Expert Suite 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Adobe Acrobat Reader 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Adobe InDesign 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Adobe Photoshop Album 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Advanced Archive Password Recovery 2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Ahead Nero Burning ROM 6.6.0.8a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Ahead Nero Burning ROM 6.6.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Alcohol 120% 1.9.2.1705.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\AOL AIM Triton 0.6.17.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Ashampoo UnInstaller Suite Plus 1.32.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Astral Masters 1.2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Axialis IconWorkshop 6.0 Corporate.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Bewitched.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\BitDefender Plus 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\C-Organizer Professional 3.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\CheckMail 2.53.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\ChrisTV 4.60 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\CorelDRAW Graphics Suite 12.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Day of the Dead 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Default Printer 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\DeviceLock 5.72.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\DiskMonitor 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\DVD Cloner 2.30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\DZSoft PHP Editor 3.5.0.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\East-Tec Eraser 2004 5.6.0.288 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\EditPlus V. 2.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\eSignal MetaStock Professional 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\FairStars Audio Converter 1.402.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Fantastic Four.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\File Utilities.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\FileRecoveryAngel 1.06.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Focus All CD DVD Burner 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Fontlab Studio 5.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Foxy 1.0.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Genie Soft Backup Manager Pro 5.0.25.1288.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Google Toolbar for Firefox 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Hitman 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\How to Flirt Tips Hot.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\jv16 PowerTools 2005 1.5.1.307.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\K-Lite Codec Pack 2.53.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Kaspersky Anti-Virus Personal Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Kaspersky Internet Security 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\LockGear Enterprise 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Macro Recorder 2.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\McAfee Anti-Spyware Enterprise 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Mcft Windows XP Scene Edition 1.6 INTER.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Metallica -The Art of James Hetfield.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Microsoft Money 2006 Deluxe.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Mootools 3D Photo Browser 8.31.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Moto GP 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\MusicMatch Jukebox Plus 10.00.1025b.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\My Password Manager 1.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Nero 7 Plugin Pack.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\NewsLeecher 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Norton 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Norton Live Update 100 years.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Opera 8.02.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Panda Titanium Antivirus.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Password Protected Lock 2.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\PowerArchiver 2006 9.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\PowerGREP 3.2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Pretty Good Registry Tools AIO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Privacy Defender 7.0.2n.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Red Eye.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Reportizer 2.2.5.73.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Resource Tuner 1.96.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Robots.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Screen VidShot 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Selteco Flash Designer 5.0.22.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Shakira - Live & Off The Record.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SkinStudio 4.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SMS Create Pro 5.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SpaceObServer 1.31.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SpyPartner 8.90.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SQL Server Backup 4.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Star Wars - Episode III - Revenge of t.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\SuperSecret 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\TaskSwitchXP 2.0.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The Extreme Rally 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The Machinist(Makinist).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The Matrix.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The Pacifier.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The transpoter 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\The Village.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Trojan Remover 6.3.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Ulead PhotoImpact 11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Ultra DVD Creator 1.3.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\UltraEdit 11.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\UltraISO 7.65.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\Willing Webcam 2.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WindowBlinds Enhanced 4.5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WinDVD Creator Platinum 2.5B0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WinDVD Platinum 6.0.B06.128C00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WinRAR 3.50 Beta 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WoltLab Burning Board 2.3.3 + Rus.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\WWW File Share Pro 3.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Complete\xplorer² 1.3.0.92.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@cbs.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter.hitslink[2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter15.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter16.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter3.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter4.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@counter5.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@cz4.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@cz5.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@e-2dj6wjmioidjglp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@goldenpalace[2].txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@grandonline[2].txt -> Spyware.Cookie.Grandonline : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@mysearch[2].txt -> Spyware.Cookie.Mysearch : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@paycounter[1].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@rotator.adjuggler[2].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@www.burstbeacon[2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@www.burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@www.grandonline[1].txt -> Spyware.Cookie.Grandonline : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@xxxcounter[1].txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\Jonathan\Cookies\jonathan@yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Jonathan\Desktop\aimfix_quarantine\18713_Nail.exe.bak -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Desktop\aimfix_quarantine\18717_update.exe.bak -> Backdoor.Rbot : Cleaned with backup
C:\Documents and Settings\Jonathan\Desktop\aimfix_quarantine\18730_iinstall.exe.bak -> TrojanDownloader.IstBar.lq : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\alueniw.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\avajlru.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\bacpi.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\bdksat.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\CBI\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@adbrite[1].txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@adorigin[2].txt -> Spyware.Cookie.Adorigin : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@e-2dj6wjmicod5wdo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@paypopup[2].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@rotator.adjuggler[2].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Cookies\jonathan@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ctts.exe -> TrojanSpy.VBStat.a : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\cvsmvrd.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\D1564\aurora.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\dvdkab.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\game_dl.exe -> Spyware.MetaDirect.a : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\game_install.exe -> Spyware.PurityScan.p : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ICD5.tmp\ISTactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\istsvc.exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\JNH\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ksat.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ksatc.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ksatcca.dat -> TrojanSpy.Agent.ce : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\ksidvrs.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\lrubv.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\nurniam.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\nurnu.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\nuryalp.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\p2psetup.exe -> Spyware.P2PNetworking : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\Patch221.exe -> TrojanDropper.Agent.r : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\pxesm.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\RXB\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\saksat.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\sarva.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\scvi50.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\sm.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\smcca.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\tenpi.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\tunsa.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\TUY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\vanur.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\vasab.dat -> Spyware.VirtuMonde : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\vrdpa.dat -> Trojan.Vundo : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\VVSNInst.exe -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Jonathan\Local Settings\Temp\xafkab.dat -> Trojan.Vundo : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Absynth 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Adobe InDesign 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Ahead Nero Burning ROM 6.6.0.8a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Alcohol 120% 1.9.2.1705.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Ashampoo UnInstaller Suite Plus 1.32.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\DVD Cloner 2.30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\East-Tec Eraser 2004 5.6.0.288 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\eSignal MetaStock Professional 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\FairStars Audio Converter 1.402.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Focus All CD DVD Burner 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Fontlab Studio 5.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Genie Soft Backup Manager Pro 5.0.25.1288.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\McAfee Anti-Spyware Enterprise 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\My Password Manager 1.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Resource Tuner 1.96.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Selteco Flash Designer 5.0.22.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\Willing Webcam 2.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\WindowBlinds Enhanced 4.5.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\WinDVD Platinum 6.0.B06.128C00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\WinRAR 3.50 Beta 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\WoltLab Burning Board 2.3.3 + Rus.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\My Shared Folder\WWW File Share Pro 3.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\Kazaa\TopSearch.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Need2Find -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2FFXTBR.JAR -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2NTSTBR.JAR -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\PARTNER.DAT -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache\00658169 -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache\00658958 -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache\files.ini -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\History -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\History\search -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Settings -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Settings\prevcfg.htm -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\WinFixer 2005 -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Activate.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Backup -> Spyware.WinFixer : Cleaned with backup

mav0101

C:\Program Files\WinFixer 2005\bnlink.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\compcln.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\DataBase.sav -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\df_fixer.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\df_kmd.sys -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\df_proxy.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Download -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\ffCom.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\FFWraper.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\FileTypeRecognizer.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\FixCore.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\flash.ini -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Install.exe -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\lapv.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\License.rtf -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\lock.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\MMFix.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Mp3DB -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\MpegDB -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\OEDrop.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Program.sav -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\pv.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Repaired -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\sr.exe -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\sr.log -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\StrRes.dll -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\support.url -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Tasks -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Template.dbx -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\trace.log -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\unins000.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\unins000.exe -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\up.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\update.log -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\updater.dat -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\Updater.exe -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\WaveDB -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\WFX5.exe -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\WinFixer 2005\wfx5.url -> Spyware.WinFixer : Cleaned with backup
C:\Program Files\winupdates\a.tmp -> Worm.VB.an : Cleaned with backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll -> Adware.Gator : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll -> TrojanDownloader.WebP2PInstaller : Cleaned with backup
C:\WINDOWS\drexinit.dll -> Trojan.Agent.co : Cleaned with backup
C:\WINDOWS\dsr.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINDOWS\gmd.exe -> Trojan.Delf.ik : Cleaned with backup
C:\WINDOWS\inf\faxacc.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\jaaste.dll -> Trojan.Agent.fc : Cleaned with backup
C:\WINDOWS\js128k.dll -> Trojan.Agent.fc : Cleaned with backup
C:\WINDOWS\msagent\wineula.exe -> Spyware.VirtuMonde : Cleaned with backup
C:\WINDOWS\MTE3MTU6ODoxNg.exe -> Spyware.ISearch : Cleaned with backup
C:\WINDOWS\Sm9uYXRoYW4A\asappsrv.dll -> Spyware.CommAd : Cleaned with backup
C:\WINDOWS\Sm9uYXRoYW4A\command.exe -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\system\ppc.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system\ppc2.dll -> Spyware.Delf : Cleaned with backup
C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_0_0_105300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_1_0_449200.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_1_0_449600.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_1_0_454300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_2_0_105300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_3_0_105300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\drivers\df_kmd.sys -> Trojan.Rootkit.Agent.af : Cleaned with backup
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0x0b8af91255458847b2abbb20049bc17f.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0x6d5c35d9fccb38b9613209f11a5d86ae.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0xa0509d8db7bbe24a1cc41d42cec7ecbc.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0xb6e3fdc669cab9a5ddd5442744c33b1e.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10001-108.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10001-3884940531-1.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\Temp\ksatcca.dat -> TrojanSpy.Agent.ce : Cleaned with backup
C:\WINDOWS\vbggtys.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\wt\wtvh.dll -> Spyware.WildTangent : Cleaned with backup


::Report End

Rawe

Hi, you have more left than I expected. I need to write LONG instructions for you today, so we'll get your machine cleaned up. However, if you have time to wait, I can't write them now. I'm not at home.. And all my "material" is at my home computer. You could run a couple online scans while waiting, they always help. You also have an old version of SpyBot, I'll give you proper instructions for upgrade later. Can you also run Ad-aware again with updates, Full System Scan, etc.

Rawe

Ok, I'm back.

Be sure to work through the whole process before jumping into it and ask ANY question(s) before proceeding.

First, please download LSPfix

Get it ready to be used IF NECESSARY but do NOT run it yet. It is only if your internet connection would go broken.

Download KazaaBegone.zip.

Download CleanUp!

Run the CleanUp! installer and get the program ready to be used.

Now we'll remove the following uninstallable malware infections. Please click -> Start -> Control Panel -> Add/Remove programs and remove the following entries (if present):

Kazaa 3.0
Kazaa Lite K++ v2.4.2
P2P Networking
The Best Offers
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WildTangent Multiplayer Library
WinFixer 2005 1.0.18.2

Now run CleanUp:

*IMPORTANT NOTE*
CleanUp deletes EVERYTHING out of your temp/temporary folders, it does not make backups.
If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp

Running CleanUp

• Start CleanUp by double-clicking the icon on your desktop (or from the Start > All Programs menu).
• When CleanUp starts go to the Options button (right side of CleanUp screen)
• Move the arrow down to "Custom CleanUp!"
• Now place a checkmark next to the following (Make sure nothing else is checked!):
  • Delete Cookies
    This is optional, if you leave the box checked it will remove all of your cookies, at this point removing cookies is a good idea
  • Empty Recycle Bins
  • Delete Prefetch files
  • Cleanup! All Users
• Click OK
• Then click on the CleanUp button. This will take a short while, let it do its thing.
• When asked to reboot system select YES
• Close CleanUp

Once rebooted;


Launch KaZaaBegone.exe. Click on "Search for installed componerts only" and hit GO. You will see a list leftover objects. Click "Search & destroy all installed components" and hit GO. The program will remove all installed components, it should inform that uninstalled succesfully. Click "Ok", and exit.

In the event that you lose Internet access after running KazaaBegone, please double-click LSPFix.exe that you downloaded earlier. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.

After doing this..

Download SpyBot S&D, Click Here

IF you have an older version of SpyBot installed, please do the following first:

1. Undo immunization
2. If SDHelper and TeaTimer are enabled, deactivate them first.
3. If Opera Browser is installed, de-select protection for Opera Immunity
4. Uninstall old version of Spybot S&D
5. Reboot

Install the SpyBot S&D.

Do NOT use TeaTimer yet, as it would interfere with the fixes.

Launch SpyBot. Click on the menu named "mode". Choose "Advanced mode". Confirm with yes if it gives you an warning. Next, click on "Settings", and choose the "Settings" -tab from the list. Scroll down the menu, and make sure you check the following settings for use "Display available Beta- versions" and "Display PGP signature updates".

Then go to the starting menu by clicking on the "SpyBot S&D" tab on the left handside corner. Choose to "Search for Updates". Check EVERY update on the list for use, and hit "Download Updates". It will update SpyBot. When finished, click to SCAN. Remove ALL the entries found in RED color by hitting the checkbox next to them, then clicking "Fix Problems". Exit SpyBot.

FINALLY:

Please do an online virus scan with Panda ActiveScan Here. You need to use Internet Explorer for this scan.

• Once you get to the Panda site, scroll down a bit and click on Scan your PC
• A new window will appear; click on Check Now!
• A new window will appear; fill in the boxes (Country, State, email addy)
• Click on Scan Now! >
  If you have never used ActiveScan before, you will be prompted to install an ActiveX control (asinst.cab) : click on Install. Panda will install the component, and then install the latest signature files.
• From "Select a device to scan...", choose "My Computer"
• Allow the scan to run. It'll take a while.
• When complete, click on "See Report", and then on "Save report"; save it to a convenient location.
• I will need you to post that report in your next reply; simply open the text file, then copy/paste the content here along with a fresh HijackThis Log.

mav0101

ok i got as far as the panda scan when i click this it says cannot do it must have iexplorer 5.0 or later i use firefox so and im searching for a link to pick up explorer

mav0101

could it be my default is set to mozilla ?

Rawe

Ok, you don't have to run Panda.. Just post a fresh HijackThis log and we'll see what's left (if any)

mav0101

Logfile of HijackThis v1.99.1
Scan saved at 2:25:42 PM, on 11/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\World of Warcraft\WoW.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\System32\ybqqh.dll
O2 - BHO: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O3 - Toolbar: 24T - {4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D} - C:\WINDOWS\system\ppc.dll (file missing)
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\System32\ybqqh.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [*eulautil] C:\WINDOWS\addins\eulautil.exe
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn72.exe rundll.dll,LoadMouseProfile
O4 - HKLM\..\Run: [dmimw.exe] C:\WINDOWS\System32\dmimw.exe
O4 - HKCU\..\Run: [DriverLoad] c:\DriverLoad\dl.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c10.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131648662546
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131648653359
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9EAC0186-5F5A-4362-B120-15C312CE012D} - http://www.awmdabest.com/cabl/369/tb.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{C87E0C16-FD6C-41C8-8803-3AC173E88595}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O20 - Winlogon Notify: wineula - C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Rawe

Ok ot clean yet. But DEFINITELY loads better than earlier

At this point, you definitely need to install AVG (Free anti-virus software).

Click HERE for AVG. Download the program, then install it, launch it, configure the settings as you like, then update it.

Reboot into Safe Mode.

Run a FULL SYSTEM SCAN with AVG. Remove all it finds/can, then reboot back into normal mode and post a fresh HijackThis log.

mav0101

Logfile of HijackThis v1.99.1
Scan saved at 10:02:13 AM, on 11/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ghmd.exe
C:\WINDOWS\ghmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 6 for hijackthis.zip\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [*eulautil] C:\WINDOWS\addins\eulautil.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [dmeba.exe] C:\WINDOWS\System32\dmeba.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c10.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131648662546
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131648653359
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9EAC0186-5F5A-4362-B120-15C312CE012D} - http://www.awmdabest.com/cabl/369/tb.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{C87E0C16-FD6C-41C8-8803-3AC173E88595}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O20 - Winlogon Notify: wineula - C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

this is startin to look a whole lot better thanks man

Rawe

Now only a bit cleaning left, let's finalize it You did a great job!

Please print these instructions out, or write them down, as you can't read them during the fix.

1) Please download the Killbox by Option^Explicit.

2) Save it to your desktop.

3) Run Killbox.exe.

4) Select "Delete on Reboot".

5) Copy the file names below to the clipboard by highlighting ALL of them then press CTRL + C

C:\WINDOWS\ghmd.exe
C:\WINDOWS\addins\eulautil.exe
C:\WINDOWS\System32\dmeba.exe

6) Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

7) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. If your computer does not restart automatically, please restart it manually.

Reboot.

Make sure you are disconnected from the Internet and that all programs and windows are closed. Run HiJackThis. Place a check next to the following items and click FIX CHECKED:

O4 - HKLM\..\Run: [*eulautil] C:\WINDOWS\addins\eulautil.exe
O4 - HKLM\..\Run: [dmeba.exe] C:\WINDOWS\System32\dmeba.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/M.../bridge-c10.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9EAC0186-5F5A-4362-B120-15C312CE012D} - http://www.awmdabest.com/cabl/369/tb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{C87E0C16-FD6C-41C8-8803-3AC173E88595}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{6B5FC17A-CDBF-4275-943D-C60E6350C677}: NameServer = 85.255.114.40,85.255.112.132
O20 - Winlogon Notify: wineula - C:\DOCUME~1\Jonathan\LOCALS~1\Temp\alueniw.dat (file missing)

Close HiJackThis.

Reboot and connect back to the Internet. Post a final HijackThis log once done.

mav0101

Logfile of HijackThis v1.99.1
Scan saved at 5:20:52 PM, on 11/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 9 for hijackthis.zip\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [dmvmm.exe] C:\WINDOWS\System32\dmvmm.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131648662546
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131648653359
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Rawe

Wow, not sure why you're getting more bad files.

One more file to delete/one more checkfix in HijackThis (at least it should, unless you get some infection again)

Run a scan with HijackThis and check the following object for removal:

O4 - HKLM\..\Run: [dmvmm.exe] C:\WINDOWS\System32\dmvmm.exe

Reboot. After reboot, delete the following file:

C:\WINDOWS\System32\dmvmm.exe

Empty recycle bin. Post back & let me know how's the system running so we can get you're machine some preventive measures.

mav0101

i ran another hijack to find that file and it was not there hmmm anyways its running good faster than before by far still sometimes i get a message saying somethin about your current src settings prevent running active x controls on somethin but thats the only thing i see wrong with it now thanks a bunch man hers a new hijack
Logfile of HijackThis v1.99.1
Scan saved at 12:17:20 PM, on 11/13/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\Temporary Directory 11 for hijackthis.zip\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmesus.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131648662546
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131648653359
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://us.i1.yimg.com/us.yimg.com/i/chat/webcam/v110/yvwrctl.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

mav0101

and also when i open mozill a i get this mssg

shockwave flash

this plugin preformed a illegal operation you are strongly advised to resart navigator

Rawe

I'm not sure about your flash problem. Let's try this..

Uninstall the plugin. Reboot, download & install the latest version of it and see if it goes away.

As for the ActiveX controls, you should check your internet settings through the browser (do you use Internet Explorer at-all?) After that:

First priority: Install Service Pack 2 by visiting WindowsUpdates. After you have installed it, reboot, download & install ALL the available critical updates.

Post back and let me know how's it running, so I can finally give you a useful list of proper internet-security programs

mav0101

runnin great thanks man

Rawe

Glad to be of help, good for you.

Let's clear out your restore points now.

Disable System Restore;

1. Click Start > Programs > Accessories > Windows Explorer
2. Right-click My Computer, and then click Properties.
3. Click the System Restore tab.
4. Check the "Turn off System Restore"
5. Click Apply. An message shows up.
6. Click "Yes" to do this.
7. Confirm with "Ok".

Reboot.

Enable System Restore;

1. Click Start.
2. Right-click My Computer, and then click Properties.
3. Click the System Restore tab.
4. Uncheck the "Turn off System Restore" check box.
5. Click Apply, and then click "OK".

Be sure to set a new restore point.

Here's some tips for future to prevent spyware;

Detect and Remove Programs:

• How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
• How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.

Prevention Programs:

• Spywareblaster <= SpywareBlaster will prevent spyware from being installed. (My favourite)
• Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
• MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
• Google Toolbar <= Get the free google toolbar to help stop pop up windows.

Other necessary Programs:

• AntiVirus Program <= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kaspersky, this is a must have.
• Firewall <= A firewall is definatley a must have. Two good free versions are Sygate and ZoneLabs.
• More Secure Browser <= Internet Explorer is not the most secure and best browser. There are safer and better alternatives available. I recommend Firefox.
• EULAlyzer by Javacool <= No need to read End user license agreements when installing software--
  
  # Discover potentially hidden behavior about the software you're going to install
  # Pick up on things you missed when reading license agreements
  # Keep a saved database of the license agreements you view
  # Instant results - super-fast analysis in just a second

And also see TonyKlein's good advice;
So how did I get infected in the first place? (My favourite)

Crunchie

As this topic is now resolve, this thread is now closed. If you need it reopened, please send a PM to one of our Mods.

Include the link to the thread and detail why you need it reopened.

If this is not your thread please start a New Topic.