Can't Run Clean Disk hijackthis[inactive]
Please help me resolving this issue. when I login into my computer, I get all the pop-ups then the mouse pointer becomes very slow. I tried to do clean disk but nothing happens. I want to post hijackthis log which i have done it last year when i had problems with the other computer. Safemode didn't work either. sorry for making this too long, any kind of help or suggestions are greatly appreciated.
0
This discussion has been closed.
Comments
http://www.silentrunners.org/Silent%20Runners.zip
Unzip it to the desktop and double-click on it. If you get any kind of warning message about scripts, please choose to allow the script to run. When the scan is finished, a message will pop up and a logfile will have been created on the desktop. Please post the entire contents of this logfile for me to see.
here is the post anf thanks again:
"Silent Runners.vbs", revision 45, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet" ["Yahoo! Inc."]
"Volume Controller" = "VolumeControl.exe" [null data]
"Register Manager" = "RegistryManage.exe" [null data]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [file not found]
"vodko" = "C:\WINDOWS\system32\aarrnn.exe reg_run" [null data]
"SurfSideKick 3" = "C:\Program Files\SurfSideKick 3\Ssk.exe" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"C-Media Mixer" = "Mixer.exe /startup" ["C-Media Electronic Inc. (www.cmedia.com.tw)"]
"Winamp Player 6" = "WINAMP6.EXE" [null data]
"AOL 9.0 Optimized" = "AOLCLIENT.EXE" [null data]
"Volume Controller" = "VolumeControl.exe" [null data]
"Register Manager" = "RegistryManage.exe" [null data]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"WinampAgent" = "C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe" [file not found]
"Adobe Photo Downloader" = ""C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"" ["Adobe Systems Incorporated"]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"Winamp Sound System" = "winampcss.exe" [null data]
"YOP" = "C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart" ["Yahoo! Inc."]
"keyboard" = "C:\\keyboard20.exe" ["."]
"TheMonitor" = "C:\WINDOWS\SYSC00.exe" [null data]
"yrvjnl" = "C:\WINDOWS\System32\aarrnn.exe reg_run" [null data]
"w05ad610.dll" = "RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610" [MS]
"{09-96-61-1C-ZN}" = "C:\windows\system32\psdsregk.exe CORN004" [empty string]
"dsfzyc" = "C:\WINDOWS\system32\dsfzyc.exe" [empty string]
"pop06ap" = "C:\WINDOWS\pop06ap2.exe" [null data]
"sys02534028260-1" = "C:\WINDOWS\sys02534028260-1.exe" [null data]
"Configuration Manager" = "C:\WINDOWS\cfg32.exe" [empty string]
"ZPoint" = "C:\WINDOWS\System32\winmuse.exe" [null data]
"SurfSideKick 3" = "C:\Program Files\SurfSideKick 3\Ssk.exe" [null data]
"BrowserUpdateSched" = "C:\WINDOWS\system32\twintqaf.exe CORN004" [empty string]
"webHancer Agent" = "C:\Program Files\webHancer\Programs\whagent.exe" ["webHancer Corporation"]
"webHancer Survey Companion" = "C:\Program Files\webHancer\Programs\whsurvey.exe" ["webHancer Corporation"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
Click Start > Control Panel.
In the Control Panel window, double-click Add or Remove Programs.
Click Surf Sidekick.
(Note: You may need to use the scroll bar to view the whole list.)
Click Add/Remove. Follow the prompts.
Then download, install, and update the free version of Ewido Anti-Malware:
Now download Brute Force Uninstaller to your desktop.
- Right click the BFU folder on your desktop, and choose Extract All
- Click "Next"
- In the box to choose where to extract the files to, click "Browse"
- Click on the + sign next to "My Computer"
- Click on "Local Disk (C:) or whatever your primary drive is
- Click "Make New Folder"
- Type in BFU
- Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcan worm remover.Save it in the same folder you made earlier (c:\BFU).
Do not do anything with these yet!
Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit Enter.
Once in Safe Mode, please go to Start > My Computer and navigate to the C:\BFU folder.
Open Ewido:
- Click on scanner
- Click on Complete System Scan and the scan will begin.
- You will be prompted to clean the first infection.
- Select "Perform action on all infections", then proceed.
- Once the scan has completed, there will be a button located on the bottom of the screen named Save report
- Click Save report.
- Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.Reboot into normal Windows and post the contents of the Ewido text report that you saved and a new Silent Runners log.
here is the post:
ewido anti-malware - Scan report
+ Created on: 2:24:21 AM, 5/20/2006
+ Report-Checksum: CC6EBE6C
+ Scan result:
HKLM\SOFTWARE\Classes\AppID\BookedSpace.DLL -> Adware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\Bho8.adlog -> Adware.Adlogix : Error during cleaning
HKLM\SOFTWARE\Classes\Bho8.adlog.1 -> Adware.Adlogix : Error during cleaning
HKLM\SOFTWARE\Classes\BookedSpace.Extension -> Adware.BookedSpace : Error during cleaning
HKLM\SOFTWARE\Classes\BookedSpace.Extension.5 -> Adware.BookedSpace : Error during cleaning
HKLM\SOFTWARE\Classes\IeBHOs.Control -> Adware.E2G : Error during cleaning
HKLM\SOFTWARE\Classes\IeBHOs.Control.1 -> Adware.E2G : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame.1 -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.imiTool -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.imiTool.1 -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame.1 -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser.1 -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow.1 -> Adware.IEPlugin : Error during cleaning
HKLM\SOFTWARE\Classes\KBBar.KBBarBand -> Adware.PowerStrip : Error during cleaning
HKLM\SOFTWARE\Classes\KBBar.KBBarBand.1 -> Adware.PowerStrip : Error during cleaning
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\webhancer -> Adware.WebHancer : Cleaned with backup
HKLM\SOFTWARE\webhancer\CC -> Adware.WebHancer : Cleaned with backup
HKU\S-1-5-21-1454471165-113007714-854245398-1005\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-21-1454471165-113007714-854245398-1005\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
C:\503_617.exe -> Trojan.Small : Cleaned with backup
C:\bintheredunthat\LottoFun.exe -> Dropper.Agent.hl : Cleaned with backup
C:\bintheredunthat\shsagoq.exe -> Hijacker.VB.ij : Cleaned with backup
C:\bintheredunthat\w0111674.dll -> Downloader.Agent.ahv : Cleaned with backup
C:\bintheredunthat\w05ad610.dll -> Downloader.Agent.ahv : Cleaned with backup
C:\djiejrjk.exe/sc2.reg -> Trojan.LowZones.f : Error during cleaning
C:\djiorj.exe/sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\dk0eokr.exe/sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\dkeopke.exe/sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cartoonnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@chicagosuntimes.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wfkiwjdjegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wfkoomazcho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wgkosicjwdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wgkyggc5klo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wgkyopcjchp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjk4soazmgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjk4undjkdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjkoalcpebp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjliajdpibo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjlyqgc5wao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@e-2dj6wjnyshazwgq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@maxim.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@meijer.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@prizeamerica.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@stats3.porntrack[1].txt -> TrackingCookie.Porntrack : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@stubhub.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@tribuneinteractive.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@vitacost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@www.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ewan\Cookies\ewan@ysbweb[2].txt -> TrackingCookie.Ysbweb : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@banner.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@freeringtonesnow.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Cookies\ewan@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temp\Temporary Internet Files\Content.IE5\3P5FVE6Y\r3[1].exe/sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\Documents and Settings\Ewan\Local Settings\Temporary Internet Files\Content.IE5\K5YRCPAN\ie0604[2].htm -> Not-A-Virus.Exploit.JS.CVE20061359.b : Cleaned with backup
C:\Documents and Settings\Ewan\msdirectx.sys -> Rootkit.Agent.l : Cleaned with backup
C:\Documents and Settings\Ewan\sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\Documents and Settings\Izis\Desktop\sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\010N83A070\2116.tmp -> Downloader.VB.ada : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\010N83A070\2124.tmp -> Downloader.Qoologic.at : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@ads.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@banner.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@epilot[1].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@lovefreegames.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@media.top-banners[1].txt -> TrackingCookie.Top-banners : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@popuptraffic[1].txt -> TrackingCookie.Popuptraffic : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@www.adtrak[1].txt -> TrackingCookie.Adtrak : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@www.popuptraffic[1].txt -> TrackingCookie.Popuptraffic : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Cookies\izis@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\f110338.exe -> Downloader.Qoologic.bj : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\f131619.exe -> Downloader.Qoologic.bj : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\f162723.exe -> Downloader.Qoologic.bj : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\f481211.exe -> Downloader.Qoologic.bj : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\f98701.exe -> Downloader.Qoologic.bj : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\gxoykv.exe -> Worm.SpyBot.dg : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\hbgfi.exe -> Worm.SpyBot.dg : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\iB.tmp -> Adware.SurfSide : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\migconf2.exe -> Downloader.Agent.aaf : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\pre.exe -> Dropper.Agent.hl : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\TBPS.exe -> Adware.WebSearch : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\tb_setup.exe -> Adware.WebSearch : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Temporary Internet Files\Content.IE5\8PS7Y9M3\phpxi[1].txt -> Backdoor.Haxdoor.il : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Temporary Internet Files\Content.IE5\GTI74P6N\installerwnus[1].exe -> Downloader.Qoologic.at : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Temporary Internet Files\Content.IE5\GTI74P6N\ponvgqnxql[1].txt -> Trojan.Sinowal.n : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\Temporary Internet Files\Content.IE5\WB2N4J4X\defender19a[1].exe -> Hijacker.VB.nh : Cleaned with backup
C:\Documents and Settings\Izis\Local Settings\Temp\toolbar.dll -> Adware.WebSearch : Cleaned with backup
C:\Documents and Settings\Izis\msdirectx.sys -> Rootkit.Agent.l : Cleaned with backup
C:\Documents and Settings\Izis\sc2.reg -> Trojan.LowZones.f : Cleaned with backup
C:\Documents and Settings\Izis\Start Menu\Programs\SpySheriff -> Adware.SpySheriff : Cleaned with backup
C:\Documents and Settings\Izis\Start Menu\Programs\SpySheriff\SpySheriff.lnk -> Adware.SpySheriff : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Mike\msdirectx.sys -> Rootkit.Agent.l : Cleaned with backup
C:\ehcaowl.exe -> Hijacker.Small.kr : Cleaned with backup
C:\gulgdum.exe -> Trojan.Sinowal.n : Cleaned with backup
C:\Install.exe/trufkz.html -> Hijacker.Linker.g : Error during cleaning
C:\Install.exe/x.bat -> Trojan.LowZones.f : Error during cleaning
C:\Install.exe/kans.reg -> Trojan.LowZones.f : Error during cleaning
C:\Install.exe/kansup.reg -> Trojan.LowZones.f : Error during cleaning
C:\kans.reg -> Trojan.LowZones.f : Cleaned with backup
C:\kansup.reg -> Trojan.LowZones.f : Cleaned with backup
C:\NNSCAA638.EXE -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned with backup
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.dll -> Trojan.Sinowal.m : Cleaned with backup
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe -> Trojan.Sinowal.m : Cleaned with backup
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00004.dll -> Trojan.Sinowal.m : Cleaned with backup
C:\Program Files\Common Files\misc001\webhc1.exe/whAgent.exe -> Adware.WebHancer : Error during cleaning
C:\Program Files\Internet Explorer\loader.exe -> Downloader.Agent.akj : Cleaned with backup
C:\Program Files\Uninstall Information\horeho.dll -> Downloader.Small.ctp : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1C.tmp\Zango Toolbar\ZangoTBUninstaller.exe -> Adware.180Solutions : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq38.tmp -> TrackingCookie.247realmedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq39.tmp -> TrackingCookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3A.tmp -> TrackingCookie.Zedo : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3B.tmp -> TrackingCookie.Adserver : Cleaned with backup
C:\qbriulb.exe -> Adware.BHO : Cleaned with backup
C:\RECYCLER\S-1-5-21-1454471165-113007714-854245398-1007\Dc285.exe -> Hijacker.Small : Cleaned with backup
C:\trufkz.html -> Hijacker.Linker.g : Cleaned with backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned with backup
C:\WINDOWS\876056.exe -> Adware.Mirar : Cleaned with backup
C:\WINDOWS\ac2_0009.exe -> Downloader.Small.cpu : Cleaned with backup
C:\WINDOWS\cfg32o.dll -> Adware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfg32r.dll -> Adware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfg32s.dll -> Adware.BookedSpace : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\amm06.ocx -> Downloader.VB.bo : Cleaned with backup
C:\WINDOWS\drsmartload45a.exe -> Downloader.Adload.bo : Cleaned with backup
C:\WINDOWS\drsmartload46a.exe -> Downloader.Adload.bo : Cleaned with backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned with backup
C:\WINDOWS\ieunst.exe -> Adware.IEPlug : Cleaned with backup
C:\WINDOWS\installerwnus.exe -> Downloader.Qoologic.at : Cleaned with backup
C:\WINDOWS\ms0628260-153402006.exe -> Adware.Enbrow : Cleaned with backup
C:\WINDOWS\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned with backup
C:\WINDOWS\pi1_36.exe -> Downloader.Small.cqy : Cleaned with backup
C:\WINDOWS\pop06ap2.exe -> Adware.MediaMotor : Cleaned with backup
C:\WINDOWS\RmFkaSBFd2FuIA\asappsrv.dll -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\RmFkaSBFd2FuIA\command.exe -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\SS1001.exe -> Dropper.Small.qn : Cleaned with backup
C:\WINDOWS\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned with backup
C:\WINDOWS\sys02534028260-1.exe -> Adware.Enbrow : Cleaned with backup
C:\WINDOWS\system32\adstartup.exe -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\AOLClient.exe -> Worm.SpyBot.dg : Cleaned with backup
C:\WINDOWS\system32\ASL70.DLL -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\aza4093qe.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\bdpanui.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\cesetacl.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GLUVWLUB\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup
C:\WINDOWS\system32\danmpntw.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\dmonwv.dll -> Downloader.Agent.agw : Cleaned with backup
C:\WINDOWS\system32\dsfzy.dll -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\dsfzyc.exe -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\dsfzyd.exe -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\dsfzyf.exe -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\dsreg.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\system32\e4020edoeh0c0.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\en66l1js1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\enn6l15s1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\ennul1591.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\f8j20i1oe8.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\fcs.exe -> Adware.Adlog : Cleaned with backup
C:\WINDOWS\system32\fn0021dmg.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\fplm0331e.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\fxhuy.dat -> Downloader.Qoologic.bj : Cleaned with backup
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\h00qlad51d0.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\h6j4lg1q16.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\hdiueeg.sys -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\hjakyao.exe -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\hmalefs.vxd -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\HPPhotoManager.exe -> Backdoor.Rbot.adf : Cleaned with backup
C:\WINDOWS\system32\hsajebc.exe -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\htaueco.exe -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\i0lola331d.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\i606lgds1606.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\ir0ql5d51.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\ir2ml5f11.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\ir66l5js1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\ir8ql5l51.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\irl4l53q1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\irr0l59m1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\iv50_32.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\MOCTFP.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\modgxyz.exe -> Adware.Adstart : Cleaned with backup
C:\WINDOWS\system32\mv2ml9f11.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\mv4ql9h51.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\mvn2l95o1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\mwinnag.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\system32\p06slaj71do.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\p08qlal51dq.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\p0r4la9q1d.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\pldsregl.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\system32\psdsregk.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\system32\q0nu0a59ed.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\q4860elsehq60.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\r46u0ej9eho.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\r4p8le7u1h.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\redist1.dll -> Trojan.Agent.sx : Cleaned with backup
C:\WINDOWS\system32\redistributor.exe -> Trojan.Agent.sx : Cleaned with backup
C:\WINDOWS\system32\RegistryManage.exe -> Backdoor.Rbot.adf : Cleaned with backup
C:\WINDOWS\system32\rnoc3260.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\srdpsrv.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\szcpack.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\szdpsrv.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\s_install_ID8.exe -> Downloader.Small.aav : Cleaned with backup
C:\WINDOWS\system32\TheMatrixHasYou.exe -> Proxy.Small.bo : Cleaned with backup
C:\WINDOWS\system32\tmp_q2.dll -> Downloader.Small.crd : Cleaned with backup
C:\WINDOWS\system32\twintqaf.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\system32\tyemeui.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\unpack.exe -> Trojan.Painwin.a : Cleaned with backup
C:\WINDOWS\system32\VolumeControl.exe -> Backdoor.SdBot.yx : Cleaned with backup
C:\WINDOWS\system32\whploc.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\Winamp6.exe -> Worm.SpyBot.dg : Cleaned with backup
C:\WINDOWS\system32\winampcss.exe -> Backdoor.Agent.rk : Cleaned with backup
C:\WINDOWS\system32\WinATS.dll -> Adware.Mirar : Cleaned with backup
C:\WINDOWS\system32\winbrume.dll -> Adware.BHO : Cleaned with backup
C:\WINDOWS\system32\WinDmy.dll -> Adware.Mirar : Cleaned with backup
C:\WINDOWS\system32\winmuse.exe -> Downloader.Agent.akj : Cleaned with backup
C:\WINDOWS\system32\WinNB57.dll -> Adware.Mirar : Cleaned with backup
C:\WINDOWS\system32\win_e10.exe -> Downloader.Small.cqs : Cleaned with backup
C:\WINDOWS\system32\wrvdmoe.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\ts.exe -> Downloader.TSUpdate.o : Cleaned with backup
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned with backup
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned with backup
C:\WINDOWS\unwn.exe -> Trojan.Qoologic : Cleaned with backup
C:\WINDOWS\visfx500.exe -> Dropper.Agent.aie : Cleaned with backup
C:\WINDOWS\zigi.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\Тasks\rundll32.exe -> Downloader.PurityScan.cl : Cleaned with backup
C:\x.bat -> Trojan.LowZones.f : Cleaned with backup
::Report End
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet" ["Yahoo! Inc."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [file not found]
"vodko" = "C:\WINDOWS\system32\aarrnn.exe reg_run" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"C-Media Mixer" = "Mixer.exe /startup" ["C-Media Electronic Inc. (www.cmedia.com.tw)"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"WinampAgent" = "C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe" [file not found]
"Adobe Photo Downloader" = ""C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"" ["Adobe Systems Incorporated"]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"YOP" = "C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart" ["Yahoo! Inc."]
"yrvjnl" = "C:\WINDOWS\System32\aarrnn.exe reg_run" [null data]
"w05ad610.dll" = "RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610" [MS]
"NwCplMonitor" = "C:\WINDOWS\System32\redistributor.exe" [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0019C3E2-DD48-4A6D-ABCD-8D32436323D9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "CExtension Object"
\InProcServer32\(Default) = "C:\WINDOWS\cfg32p.dll" ["TODO: <Company name>"]
Meanwhile, let's try cleaning:
Please download Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.
1) Run Ad-Aware, and click Check for updates now.
2) Select Configurations (click the Gear wheel at the top) as follows:
- General Button > Safety & Settings: Check (Green) all three.
- Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Click Proceed.3) To start the scan, Click > "Scan Now" at left
- Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
- Select "Search for low-risk threats"
- Select "Perform full system scan"
- Click Next
4) When the scan has completed, select Next.Now create a folder on your desktop called Sysclean.
Go to http://www.trendmicro.com/download/dcs.asp and download sysclean package to the folder you made.
Go to http://www.trendmicro.com/download/pattern.asp and download the Official Pattern Release for windows to your desktop.
This file will be called lptXXX.zip (XXX represents the version number)
Unzip lptXXX.zip and you'll get the file lpt$vpn.XXX.
Move the lpt$vpn.XXX to that Sysclean-folder you created on your desktop.
Turn off your antivirus which is installed on your system because it can interfere with the Sysclean-scan.
Open the sysclean-folder and doubleclick sysclean.com.
Check: Automatically clean or delete detected files.
Click scan and wait for the scan to complete. Then restart the computer.
Now rescan with Silent Runners. When the log opens up: press Ctrl+A... then Ctrl+C... then Ctrl+V to paste it into your next reply.
Thank you for your advice. I couldn't find Sysclean when clicked on the link: http://www.trendmicro.com/download/dcs.asp
"Silent Runners.vbs", revision 45, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet" ["Yahoo! Inc."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [file not found]
"vodko" = "C:\WINDOWS\system32\aarrnn.exe reg_run" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"C-Media Mixer" = "Mixer.exe /startup" ["C-Media Electronic Inc. (www.cmedia.com.tw)"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"WinampAgent" = "C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe" [file not found]
"Adobe Photo Downloader" = ""C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"" ["Adobe Systems Incorporated"]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"YOP" = "C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart" ["Yahoo! Inc."]
"yrvjnl" = "C:\WINDOWS\System32\aarrnn.exe reg_run" [null data]
"w05ad610.dll" = "RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610" [MS]
"NwCplMonitor" = "C:\WINDOWS\System32\redistributor.exe" [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
((((Rundll:
Error loading w05ad610.dll
The specified module could not be found))))
and this:
((((yop.exe - Unable To Locate Component
This application has failed to start because ISafeIf.dll was not found. Re-installing the application may fix the problem))))
I did try re-install yahooSBC anti Virus system again but still having the same problem. the virus scan can't be turned on!
I have not been able to install any anyvirus software what so ever since almost 2 years. This computer doesn't allow me to install virus scan software. I tried Norton, Mccafee and last one is the YahooSBC...
Thanks in advance for your help and pation..
Once in safe mode, click Start.Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK.
Navigate to and delete the following files:
C:\WINDOWS\system32\aarrnn.exe
C:\WINDOWS\System32\redistributor.exe
Restart the computer. Try running HijackThis again. Does it work, and produce a log?
Logfile of HijackThis v1.99.1
Scan saved at 12:11:48 AM, on 5/23/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Documents and Settings\Mike\Desktop\Short Media\Hijackthis_fadi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.short-media.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\qjjvn.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,bfpaxso.exe
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [w05ad610.dll] RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610
O4 - HKLM\..\Run: [NwCplMonitor] C:\WINDOWS\System32\redistributor.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O15 - Trusted Zone: *.mmohsix.com
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120277899389
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\hrr8059ue.dll (file missing)
O20 - Winlogon Notify: logons - C:\WINDOWS\system32\redist1.dll (file missing)
O20 - Winlogon Notify: xptptt - C:\WINDOWS\SYSTEM32\xptptt.dll
O23 - Service: CAISafe - Unknown owner - C:\Program Files\Yahoo!\Antivirus\ISafe.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: VET Message Service (VETMSGNT) - Unknown owner - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
"Silent Runners.vbs", revision 45, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Yahoo! Pager" = "C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet" ["Yahoo! Inc."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [file not found]
"vodko" = "C:\WINDOWS\system32\aarrnn.exe reg_run" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NeroCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"C-Media Mixer" = "Mixer.exe /startup" ["C-Media Electronic Inc. (www.cmedia.com.tw)"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"WinampAgent" = "C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe" [file not found]
"Adobe Photo Downloader" = ""C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"" ["Adobe Systems Incorporated"]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"YOP" = "C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart" ["Yahoo! Inc."]
"yrvjnl" = "C:\WINDOWS\System32\aarrnn.exe reg_run" [null data]
"w05ad610.dll" = "RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610" [MS]
"NwCplMonitor" = "C:\WINDOWS\System32\redistributor.exe" [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
http://aboutbuster.clickhereformoreinfo.com/
Now run it and follow the directions. Have the program search the system for offending files and remove them. This program will also reset your homepage (so you'll have to set it back later).
Next download the attached zip file and unzip it to your desktop.
http://www.mvps.org/winhelp2002/DelDomains.inf
Right-click on the deldomains.inf file and select 'Install'
Wait for around five minutes, then restart the computer.
Download haxfix.exe
and save it to your desktop.
A red "dos window" (dos box) will open with options:
1. Make logfile
2. Run auto fix
3. Run manual fix
E. Exit Haxfix
version 2.43
Mon 06/05/2006 22:49:34.63
checking for a3d files....
a3d files found
ps.a3d
checking for matching notify keys....
matching notify keys found
xptp
checking for matching services....
matching services found
xptptt
xptpmm
checking for matching safeboot services....
matching safeboot services found
xptptt.sys
xptpmm.sys
This is Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 10:50:53 PM, on 6/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Mike\Desktop\Short Media\Hijackthis_fadi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.short-media.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\qjjvn.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,bfpaxso.exe
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [w05ad610.dll] RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610
O4 - HKLM\..\Run: [NwCplMonitor] C:\WINDOWS\System32\redistributor.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120277899389
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\hrr8059ue.dll (file missing)
O20 - Winlogon Notify: logons - C:\WINDOWS\system32\redist1.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: xptptt - C:\WINDOWS\SYSTEM32\xptptt.dll
O23 - Service: CAISafe - Unknown owner - C:\Program Files\Yahoo!\Antivirus\ISafe.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: VET Message Service (VETMSGNT) - Unknown owner - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
Thak you,
- Double click on My Computer -> C:\ -> Program Files > haxfix and double click on fix.bat (or double click on fix.bat desktop icon)
- Close all other open windows since this step requires a reboot
- Select option 2. Run auto fix by typing 2 and then pressing Enter
If an infection is found, you'll get a message to close all other open windows.Now launch HijackThis and place a checkmark by the following entries if they still exist:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\qjjvn.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,bfpaxso. exe
O4 - HKLM\..\Run: [w05ad610.dll] RUNDLL32.EXE w05ad610.dll,I2 000bccde005ad610
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\hrr8059ue.dll (file missing)
O20 - Winlogon Notify: logons - C:\WINDOWS\system32\redist1.dll (file missing)
O20 - Winlogon Notify: xptptt - C:\WINDOWS\SYSTEM32\xptptt.dll
Close all other windows and press "Fix Checked". Then close HijackThis and restart the computer again.
Rescan with HijackThis and post the new log here.
version 2.43
Tue 06/06/2006 17:13:33.05
Auto Haxdoorfix
haxdoor key: xptp
searching for services....
services found
deleting services.....
[SWSC] DeleteService SUCCESS
[SWSC] DeleteService SUCCESS
rebooting the computer.....
haxdoor key: xptp
searching for services....
services not found
checking if files are found.....
xptptt.dll
xptpmm.sys
deleting files.....
checking if files are deleted.....
checking for other files.....
klgcptini.dat
sd.dll
sd.sys
klo5.sys
fux87.ini
deleting other files.....
checking if the files are deleted.....
Finished
Logfile of HijackThis v1.99.1
Scan saved at 5:35:04 PM, on 6/6/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Documents and Settings\Mike\Desktop\Short Media\Hijackthis_fadi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.short-media.com/
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\qjjvn.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,bfpaxso.exe
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Documents and Settings\Ewan\My Documents\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [NwCplMonitor] C:\WINDOWS\System32\redistributor.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120277899389
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149566364571
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Unknown owner - C:\Program Files\Yahoo!\Antivirus\ISafe.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: VET Message Service (VETMSGNT) - Unknown owner - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe (file missing)
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
Download Avenger from here:
http://swandog46.geekstogo.com/
Open the program. Check the 'Input script manually' option.
Click the Magnifying Glass icon.
In the box that opens, paste this:
Files to delete:
C:\WINDOWS\System32\qjjvn.exe
C:\WINDOWS\SYSTEM32\bfpaxso.exe
and click 'Done'
Click the Traffic Light icon to start the program, and OK the prompts to reboot your PC.
Now scan with HijackThis and place a checkmark by the following entries:
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\qjjvn.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,bfpaxso. exe
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
Close all other windows except HijackThis and press "Fix Checked". Then close HijackThis and restart the computer.
Now run a free online scan with Kaspersky AntiVirus (works only with MS Internet Explorer 5.0 or higher).
Go to http://www.kaspersky.com/virusscanner and click the "Kaspersky Online Scanner" button (NOT "Kaspersky File Scanner").
- In the new window that opens, click the "Accept" button to accept the user agreement, install the ActiveX control, and download the program.
- When you get the Windows dialog asking if you want to install this software, click the "Install" button.
- When the "Update progress" line changes to "Ready" and the "NEXT ->" button lights up with a green arrow, click it.
- Click on the "Scan Settings" button, and in the next window select the "extended" database, and click Ok.
- Under "Please select a target to scan:", click My Computer to start the scan.
When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window, and post the text in kavscan.txt in your next reply.C:\Documents and Settings\Izis\Local Settings\Temp\
Download the trial version of Spy Sweeper from
Here
Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it. If you receive alerts from your firewall, allow all activities for Spy Sweeper)
You will be prompted to check for updated definitions, please do so.
(This may take several minutes)
Click on Options > Sweep Options and check Sweep all Folders on Selected drives. Check Local Disc C. Under What to Sweep, check every box.
Click on Sweep and allow it to fully scan your system.
When the sweep has finished, click Remove. Click Select All and then Next
From 'Results', select the Session Log tab. Click Save to File and save the log somewhere convenient.
Exit Spy Sweeper.
Restart your computer.
Then download Avenger from here:
http://swandog46.geekstogo.com/
Open the program. Check the 'Input script manually' option.
Click the Magnifying Glass icon.
In the box that opens, paste this:
Files to delete:
D:\BSINSTALL.exe
C:\WINDOWS\Тasks\rundll32.exe
C:\WINDOWS\zytanyiv.exe
C:\WINDOWS\WPRE.exe
C:\WINDOWS\system32\scmt16.exe
C:\WINDOWS\system32\run.exe
C:\WINDOWS\system32\install_id6.exe
C:\WINDOWS\system32\fxhuy.dat
C:\WINDOWS\pf78.exe
C:\WINDOWS\money.exe
C:\WINDOWS\cfg32p.dll
C:\Trelew.exe
C:\djiejrjk.exe
C:\Documents and Settings\Ewan\esys44.exe
and click 'Done'
Click the Traffic Light icon to start the program, and OK the prompts to reboot your PC.
Post the Avenger output.txt, which you can find at C:\Avenger\.txt; along with a new Kaspersky Online Scanner log.
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, June 13, 2006 10:43:53 PM
Operating System: Microsoft Windows XP Home Edition, (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 14/06/2006
Kaspersky Anti-Virus database records: 200318
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 49608
Number of viruses found: 81
Number of infected objects: 274
Number of suspicious objects: 2
Duration of the scan process: 00:50:40
Infected Object Name / Virus Name / Last Action
C:\djiejrjk.exe/data.rar/esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\djiejrjk.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe RarSFX: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip/cas2stub.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Ewan\esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\Documents and Settings\Ewan\Local Settings\Temp\tp7543.exe Infected: Trojan-Downloader.Win32.Qoologic.ax skipped
C:\Documents and Settings\Izis\esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\Install.exe/data.rar/trufkz.html Infected: Trojan-Clicker.JS.Linker.g skipped
C:\Install.exe/data.rar/x.bat Infected: Trojan.WinREG.LowZones.f skipped
C:\Install.exe/data.rar/kans.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\Install.exe/data.rar/kansup.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\Install.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\Install.exe RarSFX: infected - 5 skipped
C:\My Downloads\BSPROINSTALL.exe/WISE0023.BIN/data0001.cab/VVSN.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\My Downloads\BSPROINSTALL.exe/WISE0023.BIN/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\My Downloads\BSPROINSTALL.exe/WISE0023.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\My Downloads\BSPROINSTALL.exe/WISE0027.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.bo skipped
C:\My Downloads\BSPROINSTALL.exe WiseSFX: infected - 4 skipped
C:\My Downloads\BSPROINSTALL.exe WiseSFX Dropper: infected - 4 skipped
C:\Program Files\BSINSTALL.exe/WISE0024.BIN/data0001.cab/VVSN.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\Program Files\BSINSTALL.exe/WISE0024.BIN/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\Program Files\BSINSTALL.exe/WISE0024.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
C:\Program Files\BSINSTALL.exe WiseSFX: infected - 3 skipped
C:\Program Files\BSINSTALL.exe WiseSFX Dropper: infected - 3 skipped
C:\Program Files\Common Files\simtest\sysstall.exe Infected: Trojan.Win32.Zapchast.bl skipped
C:\Program Files\Common Files\svchostsys\svchostsys.exe Infected: Trojan-Downloader.MSIL.Agent.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP0\A0000003.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP1\A0000017.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP1\A0000018.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP1\A0000197.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\A0000201.exe Infected: Trojan-Downloader.Win32.VB.adb skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\A0000209.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\A0000235.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\A0000240.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\A0000241.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\snapshot\MFEX-3.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\snapshot\MFEX-4.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP2\snapshot\MFEX-5.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP29\A0002394.dll Infected: Backdoor.Win32.Haxdoor.im skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP29\A0002400.sys Infected: Backdoor.Win32.Haxdoor.im skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP29\A0002402.dll Infected: Backdoor.Win32.Haxdoor.im skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP29\A0002403.sys Infected: Backdoor.Win32.Haxdoor.im skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000255.exe Infected: Trojan-Downloader.Win32.VB.adb skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000261.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000271.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000278.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000322.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0004 Infected: Trojan-Downloader.MSIL.Agent.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0010 Infected: Trojan.Win32.Zapchast.bl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002/data0011 Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe/data0002 Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000369.exe NSIS: infected - 10 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000370.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000388.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000389.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000390.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/Ssk3RepairInstall.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe CAB: infected - 5 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000393.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000394.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000410.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000411.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000412.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000413.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000414.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000417.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000418.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000419.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000420.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000421.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000432.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000449.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000450.exe Infected: Trojan-Clicker.Win32.VB.lv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000454.exe Infected: not-a-virus:AdWare.Win32.SmartLoad.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000455.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000456.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000458.exe Infected: Trojan-Downloader.Win32.VB.ys skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000459.exe Infected: Trojan-Downloader.Win32.VB.ada skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000460.exe Infected: Trojan-Downloader.Win32.VB.ada skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000461.exe Infected: Trojan-Clicker.Win32.VB.lv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000462.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000463.exe Infected: Trojan-Downloader.Win32.VB.adb skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000464.exe Infected: Trojan-Clicker.Win32.VB.nh skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000465.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000466.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000468.exe Infected: Backdoor.Win32.Haxdoor.il skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000470.exe Infected: Trojan-PSW.Win32.Sinowal.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000471.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000473.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000474.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000478.exe Infected: Trojan-Dropper.Win32.Agent.amf skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000479.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000480.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000481.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000482.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar/esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe RarSFX: infected - 3 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000486.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000487.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000488.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000489.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000490.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000492.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000493.exe Infected: Trojan-Clicker.Win32.Small.kr skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000494.exe Infected: Trojan-PSW.Win32.Sinowal.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000495.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000496.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000497.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000499.dll Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000500.exe Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000501.dll Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000502.exe Infected: Trojan-Downloader.Win32.Agent.akj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000503.dll Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000504.exe Infected: not-a-virus:AdWare.Win32.180Solutions.an skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000505.exe Infected: not-a-virus:AdWare.Win32.BHO.ah skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000507.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000508.exe Infected: not-a-virus:AdWare.Win32.Mirar.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000509.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000510.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000511.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000512.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000513.exe Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000514.exe Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000515.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000516.exe Infected: not-a-virus:AdWare.Win32.Iebar.j skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000517.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000518.exe Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000520.exe Infected: Trojan-Downloader.Win32.Small.cqy skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000521.exe Infected: not-a-virus:AdWare.Win32.MediaMotor.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000526.exe Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000527.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000528.exe Infected: P2P-Worm.Win32.SpyBot.gl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000529.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000530.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000531.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000532.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000533.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000534.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000535.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000536.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000537.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000538.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000539.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000540.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000542.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000543.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000545.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000546.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000547.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000548.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000549.sys Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000550.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000551.vxd Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000552.exe Infected: Backdoor.Win32.Rbot.aqo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000553.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000554.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000555.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000556.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000557.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000558.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000559.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000560.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000561.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000562.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000563.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000565.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000566.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000567.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000568.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000569.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000570.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000571.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000572.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000573.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000574.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000575.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000576.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000577.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000578.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000579.exe Infected: Trojan.Win32.Agent.sx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000580.exe Infected: Backdoor.Win32.Rbot.adf skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000581.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000582.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000583.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000584.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000585.exe Infected: Trojan-Downloader.Win32.Small.aav skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000586.exe Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000587.dll Infected: Trojan-Downloader.Win32.Small.crd skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000588.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000589.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000590.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000591.exe Infected: Backdoor.Win32.SdBot.yx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000592.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000593.exe Infected: P2P-Worm.Win32.SpyBot.gl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000594.exe Infected: Trojan.Win32.Inject.t skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000595.dll Infected: not-a-virus:AdWare.Win32.Mirar.e skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000596.dll Infected: not-a-virus:AdWare.Win32.BHO.ah skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000598.exe Infected: Trojan-Downloader.Win32.Agent.akj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000599.dll Infected: not-a-virus:AdWare.Win32.Mirar.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000600.exe Infected: Trojan-Downloader.Win32.Small.cqs skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000601.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000602.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000603.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000604.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000605.exe Infected: Trojan-Downloader.Win32.Qoologic.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000606.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000607.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000608.exe Infected: Trojan-Downloader.Win32.PurityScan.cl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000609.bat Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000612.dll Infected: Trojan-Downloader.Win32.Agent.agw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000613.dll Infected: Trojan.Win32.Agent.sx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-3.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-4.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-5.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0008 Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe NSIS: infected - 5 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003460.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003461.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003463.exe Infected: Trojan-Downloader.Win32.PurityScan.co skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003464.exe Infected: Trojan-Downloader.Win32.Harnig.bn skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003476.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003477.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003478.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003479.exe Infected: Trojan-Downloader.Win32.VB.vz skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe NSIS: infected - 4 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe RarSFX: infected - 6 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003494.dll Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003495.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003496.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003497.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Trelew.exe/data0006 Infected: Trojan-Dropper.Win32.VB.mz skipped
C:\Trelew.exe NSIS: infected - 1 skipped
C:\WINDOWS\system32\scmt16.exe Infected: Trojan-Downloader.Win32.Harnig.bn skipped
C:\WINDOWS\WPRE.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\WINDOWS\WPRE.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\WINDOWS\WPRE.exe NSIS: infected - 2 skipped
D:\BSINSTALL.exe/WISE0024.BIN/data0001.cab/VVSN.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe/WISE0024.BIN/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe/WISE0024.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe WiseSFX: infected - 3 skipped
D:\BSINSTALL.exe WiseSFX Dropper: infected - 3 skipped
Scan process completed.
http://swandog46.geekstogo.com/avenger.zip
Then if the download worked, follow the rest of the instruction in my post above.
42572BA8912F}\RP3\A0000388.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000389.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000390.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB/Ssk3RepairInstall.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000391.exe CAB: infected - 5 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000393.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000394.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000410.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000411.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000412.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000413.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000414.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000417.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000418.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000419.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000420.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000421.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000432.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000449.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000450.exe Infected: Trojan-Clicker.Win32.VB.lv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000454.exe Infected: not-a-virus:AdWare.Win32.SmartLoad.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000455.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000456.exe Infected: Trojan-Downloader.Win32.Adload.az skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000458.exe Infected: Trojan-Downloader.Win32.VB.ys skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000459.exe Infected: Trojan-Downloader.Win32.VB.ada skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000460.exe Infected: Trojan-Downloader.Win32.VB.ada skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000461.exe Infected: Trojan-Clicker.Win32.VB.lv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000462.exe Infected: Trojan-Downloader.Win32.VB.aci skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000463.exe Infected: Trojan-Downloader.Win32.VB.adb skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000464.exe Infected: Trojan-Clicker.Win32.VB.nh skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000465.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000466.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000468.exe Infected: Backdoor.Win32.Haxdoor.il skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000470.exe Infected: Trojan-PSW.Win32.Sinowal.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000471.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000473.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000474.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000478.exe Infected: Trojan-Dropper.Win32.Agent.amf skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000479.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000480.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000481.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000482.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000483.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar/esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000484.exe RarSFX: infected - 3 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000485.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000486.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000487.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000488.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000489.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000490.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000492.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000493.exe Infected: Trojan-Clicker.Win32.Small.kr skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000494.exe Infected: Trojan-PSW.Win32.Sinowal.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000495.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000496.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000497.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000499.dll Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000500.exe Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000501.dll Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000502.exe Infected: Trojan-Downloader.Win32.Agent.akj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000503.dll Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000504.exe Infected: not-a-virus:AdWare.Win32.180Solutions.an skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000505.exe Infected: not-a-virus:AdWare.Win32.BHO.ah skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000507.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000508.exe Infected: not-a-virus:AdWare.Win32.Mirar.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000509.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000510.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000511.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000512.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000513.exe Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000514.exe Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000515.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000516.exe Infected: not-a-virus:AdWare.Win32.Iebar.j skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000517.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000518.exe Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000520.exe Infected: Trojan-Downloader.Win32.Small.cqy skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000521.exe Infected: not-a-virus:AdWare.Win32.MediaMotor.l skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000526.exe Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000527.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000528.exe Infected: P2P-Worm.Win32.SpyBot.gl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000529.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000530.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000531.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000532.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000533.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000534.dll Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000535.exe Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000536.exe Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000537.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000538.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000539.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000540.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000542.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000543.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000545.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000546.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000547.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000548.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000549.sys Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000550.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000551.vxd Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000552.exe Infected: Backdoor.Win32.Rbot.aqo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000553.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000554.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000555.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000556.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000557.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000558.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000559.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000560.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000561.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000562.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000563.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000565.exe Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000566.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000567.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000568.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000569.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000570.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000571.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000572.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000573.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000574.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000575.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000576.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000577.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000578.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000579.exe Infected: Trojan.Win32.Agent.sx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000580.exe Infected: Backdoor.Win32.Rbot.adf skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000581.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000582.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000583.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000584.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000585.exe Infected: Trojan-Downloader.Win32.Small.aav skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000586.exe Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000587.dll Infected: Trojan-Downloader.Win32.Small.crd skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000588.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000589.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000590.exe Infected: Trojan.Win32.Painwin.a skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000591.exe Infected: Backdoor.Win32.SdBot.yx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000592.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000593.exe Infected: P2P-Worm.Win32.SpyBot.gl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000594.exe Infected: Trojan.Win32.Inject.t skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000595.dll Infected: not-a-virus:AdWare.Win32.Mirar.e skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000596.dll Infected: not-a-virus:AdWare.Win32.BHO.ah skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000598.exe Infected: Trojan-Downloader.Win32.Agent.akj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000599.dll Infected: not-a-virus:AdWare.Win32.Mirar.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000600.exe Infected: Trojan-Downloader.Win32.Small.cqs skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000601.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000602.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000603.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000604.exe Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000605.exe Infected: Trojan-Downloader.Win32.Qoologic.c skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000606.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000607.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000608.exe Infected: Trojan-Downloader.Win32.PurityScan.cl skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000609.bat Infected: Trojan.WinREG.LowZones.f skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000612.dll Infected: Trojan-Downloader.Win32.Agent.agw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\A0000613.dll Infected: Trojan.Win32.Agent.sx skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-3.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-4.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP3\snapshot\MFEX-5.DAT Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Adstart.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0007 Infected: not-a-virus:AdWare.Win32.Adstart.d skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream/data0008 Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe/stream Infected: not-a-virus:AdWare.Win32.Adstart.b skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003459.exe NSIS: infected - 5 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003460.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003461.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003463.exe Infected: Trojan-Downloader.Win32.PurityScan.co skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003464.exe Infected: Trojan-Downloader.Win32.Harnig.bn skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003476.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003477.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003478.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003479.exe Infected: Trojan-Downloader.Win32.VB.vz skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003480.exe NSIS: infected - 4 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003491.exe RarSFX: infected - 6 skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003494.dll Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003495.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003496.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{C6B0CE17-9B19-44F3-AEB2-42572BA8912F}\RP30\A0003497.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Trelew.exe/data0006 Infected: Trojan-Dropper.Win32.VB.mz skipped
C:\Trelew.exe NSIS: infected - 1 skipped
C:\WINDOWS\system32\scmt16.exe Infected: Trojan-Downloader.Win32.Harnig.bn skipped
C:\WINDOWS\WPRE.exe/data0004 Infected: Trojan-Downloader.Win32.Small.ctp skipped
C:\WINDOWS\WPRE.exe/data0005 Infected: Trojan-Downloader.Win32.Small.ajc skipped
C:\WINDOWS\WPRE.exe NSIS: infected - 2 skipped
D:\BSINSTALL.exe/WISE0024.BIN/data0001.cab/VVSN.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe/WISE0024.BIN/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe/WISE0024.BIN Infected: not-a-virus:AdWare.Win32.SaveNow.z skipped
D:\BSINSTALL.exe WiseSFX: infected - 3 skipped
D:\BSINSTALL.exe WiseSFX Dropper: infected - 3 skipped
Scan process completed.
Click Create a Restore Point, and then click Next. Name your restore point. (I use the date as well as a descriptive term.)
Rescan with Kaspersky Scanner and post the new log. It should be easier to read by then.
KASPERSKY ONLINE SCANNER REPORT
Wednesday, June 28, 2006 12:26:34 AM
Operating System: Microsoft Windows XP Home Edition, (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 28/06/2006
Kaspersky Anti-Virus database records: 203292
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 56772
Number of viruses found: 22
Number of infected objects: 72 / 0
Number of suspicious objects: 3
Duration of the scan process: 00:54:00
Infected Object Name / Virus Name / Last Action
C:\djiejrjk.exe/data.rar/esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\djiejrjk.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe RarSFX: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6deff6ce380d25a5e32e9d069a6df4f6_8f3f1e18-e77e-42cb-9d50-ea485a4ce7ed Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip/cas2stub.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Ewan\esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\Documents and Settings\Ewan\Local Settings\Temp\tp7543.exe Infected: Trojan-Downloader.Win32.Qoologic.ax skipped
C:\Documents and Settings\Fadi\.limewire\Cookies.dat Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\createtimes.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\fileurns.bak Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\fileurns.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\filters.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\gnutella.net Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\installation.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\licenses.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\limewire.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\META-INF\MANIFEST.MF Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\pub1.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\public.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\questions.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\simpp.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\tables.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\lime.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\search.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\lime.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\logo.png Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\notsearching.png Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\ttree.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\update.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\version.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\version.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\data\audio.sxml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\data\video.sxml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\application.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\audio.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\image.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\text.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\video.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\schemas\audio.xsd Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\schemas\video.xsd Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D20472 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D205A1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D21B4D Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D21C7E Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D29F06 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D2A35E Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E061FF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E06201 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E068C0 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E0863B Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00000576 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001954 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001F32 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001FB3 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001FB4 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201D2A6CF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201E010D7 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201E0635A Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\05696D73656E64 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Collab\RSS Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Preferences\AutoFillDefaults.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Preferences\defaultHeuristics.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Updater\udlog.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Updater\udstore.js Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\UserCache.bin Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\cache\cache.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\cache\entry.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\clients\Photoshop Album Starter Edition\notifications.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\clients\Photoshop Album Starter Edition\preferences.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\apd.prf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\customevents.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\email.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\jpegviewer.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\Logse30.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\psa.prf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\psase30.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\status.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\iTunes\CD Info.cidb Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\iTunes\iTunes.pref Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\QuickTime\QTPlayerSession.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\GDIPFONTCACHEV1.DAT Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Install.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\InterVideo\WinRip\Music Gallery.XML Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\InterVideo\WinRip\WinRip.pls Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Kazaa Lite\db\data1024.dbb Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Kazaa Lite\db\data256.dbb Object is locked skipped
Wednesday, June 28, 2006 12:26:34 AM
Operating System: Microsoft Windows XP Home Edition, (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 28/06/2006
Kaspersky Anti-Virus database records: 203292
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 56772
Number of viruses found: 22
Number of infected objects: 72 / 0
Number of suspicious objects: 3
Duration of the scan process: 00:54:00
Infected Object Name / Virus Name / Last Action
C:\djiejrjk.exe/data.rar/esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\djiejrjk.exe/data.rar/sc2.reg Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe/data.rar Infected: Trojan.WinREG.LowZones.f skipped
C:\djiejrjk.exe RarSFX: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6deff6ce380d25a5e32e9d069a6df4f6_8f3f1e18-e77e-42cb-9d50-ea485a4ce7ed Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip/cas2stub.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CASClient8.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Ewan\esys44.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\Documents and Settings\Ewan\Local Settings\Temp\tp7543.exe Infected: Trojan-Downloader.Win32.Qoologic.ax skipped
C:\Documents and Settings\Fadi\.limewire\Cookies.dat Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\createtimes.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\fileurns.bak Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\fileurns.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\filters.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\gnutella.net Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\installation.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\licenses.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\limewire.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\META-INF\MANIFEST.MF Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\pub1.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\public.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\questions.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\simpp.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\tables.props Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\lime.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\black_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\search.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\classic_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\dir_closed.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\dir_open.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\lime.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\logo.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\notsearching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\limewire_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\01_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\02_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\03_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\04_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\05_star.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\chat.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\forward_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\forward_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\kill.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\kill_on.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\logo.png Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\notsearching.png Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\pause_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\pause_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\play_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\play_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\question.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\rewind_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\rewind_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\searching.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\splash.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\stop_dn.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\stop_up.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\theme.txt Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme\warning.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\themes\windows_theme.lwtp Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\ttree.cache Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\update.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\version.key Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\version.xml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\data\audio.sxml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\data\video.sxml Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\application.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\audio.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\image.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\text.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\misc\video.gif Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\schemas\audio.xsd Object is locked skipped
C:\Documents and Settings\Fadi\.limewire\xml\schemas\video.xsd Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D20472 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D205A1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D21B4D Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D21C7E Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D29F06 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201D2A35E Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E06201 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E068C0 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\0201E0863B Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00000576 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001954 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001F32 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001FB3 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\0\2B00001FB4 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201D2A6CF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201E010D7 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\0201E0635A Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\acccore\caches\bart\3\05696D73656E64 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Collab\RSS Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Preferences\AutoFillDefaults.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Preferences\defaultHeuristics.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Updater\udlog.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\Updater\udstore.js Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Acrobat\7.0\UserCache.bin Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\cache\cache.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\cache\entry.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\clients\Photoshop Album Starter Edition\notifications.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Online Services\Photoshop Album Starter Edition\clients\Photoshop Album Starter Edition\preferences.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\apd.prf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\customevents.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\email.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\jpegviewer.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\Logse30.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\psa.prf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\psase30.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Adobe\Photoshop Album\3.0\status.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\iTunes\CD Info.cidb Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\iTunes\iTunes.pref Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Apple Computer\QuickTime\QTPlayerSession.xml Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\GDIPFONTCACHEV1.DAT Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Install.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\InterVideo\WinRip\Music Gallery.XML Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\InterVideo\WinRip\WinRip.pls Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Kazaa Lite\db\data1024.dbb Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Kazaa Lite\db\data256.dbb Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Kazaa Lite\db\np.tmp Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Lavasoft\Ad-Aware\description.ini Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2005-03-21 13-45-44.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Lavasoft\Ad-Aware\Quarantine\auto-quarantine- 2005-03-21 14-45-20.bckp Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Lavasoft\Ad-Aware\settings.awc Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Lavasoft\Ad-Aware\stats.awd Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Leadertech\PowerRegister\PowerReg.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\2wire.com\movies\home\32.swf\2Wire_home.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\bestbuy.com\BestBuy_US\en_US\images\global\features\f_20051120_homefeat_1.swf\ViewedBefore.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\cartoonnetwork.com\CN_users.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\dcGlobalNav.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\dcGlobalNavLSOdeleter.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\dcGlobalNavTicker.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\dcSynergy.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\disneychannel_email.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\global\dc_base.swf\LondonQuotes.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\global\dc_base.swf\RavenQuotes.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\LiloAndStitchEmailTicker.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\disney.go.com\disneychannel\suitelifePoll.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\iriver.com\images\flash\intro_campaign.swf\myData.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\ivillage.com\rightcol\rightcol.swf\ivillage.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\localhost\core.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\midaddle.com\sharedObject.swf\Mcookie.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\mochibot.com\com.mochibot.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\orbitzgames.com\OrbitzGames.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\orbitzgames.com\shuffle.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\propecia.com\propecia\consumer\flash\bandwidth-sendVars.swf\remeberCookie.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\psc.disney.go.com\disneychannel\hannahmontana\modules\main_nav.swf\undefined.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\psc.disney.go.com\disneychannel\hannahmontana\modules\poll.swf\undefined.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\psc.disney.go.com\disneychannel\hannahmontana\modules\ticker.swf\undefined.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\psc.disney.go.com\disneychannel\hannahmontana\modules\tunes.swf\Songs.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\serving-sys.com\BurstingRes\Site-1069\Type-2\37C0215A-5E84-43E2-BB88-B63EE7AA5A72.swf\77126.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\serving-sys.com\BurstingRes\Site-1069\Type-2\5B7B62A6-3170-4525-8E1A-07E1300BFF08.swf\105896.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\serving-sys.com\BurstingRes\Site-1069\Type-2\67C28C7D-13F6-4050-839B-8CD3D650777B.swf\77126.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\serving-sys.com\BurstingRes\Site-1069\Type-2\8B01635F-925D-44B4-9E4A-9F1FF80E30D1.swf\105896.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\static.userplane.com\presence\m\presence.swf\presence.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\warnerbros.com\mxo_redesign\med\mx0_main.swf\MatrixOnlineNav.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\www.heavy.com\channels\cover3.swf\TestMovie_Config_Info.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\www.nick.com\turbonick\sidebar\main.swf\UserPrefs.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\www.pepsimundo.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\#SharedObjects\JMEWYSXT\www.youtube.com\soundData.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#2wire.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bestbuy.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cartoonnetwork.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#disney.go.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ebaystatic.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#highlineauctions.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iriver.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ivillage.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#midaddle.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mochibot.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#orbitzgames.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#propecia.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#psc.disney.go.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#serving-sys.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.userplane.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#video.google.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#warnerbros.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.heavy.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.nick.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.pepsimundo.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.youtube.com\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Address Book\Fadi.wab Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Address Book\Fadi.wab~ Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Credentials\S-1-5-21-1454471165-113007714-854245398-1004\Credentials Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\107367539B7C89418A100A6FF29C5EAC Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\A66496915E372C06F0D8C0CC31F81B97 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\Content\F482C95F83F1B59228F1B1E720F2EDF1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\107367539B7C89418A100A6FF29C5EAC Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\A66496915E372C06F0D8C0CC31F81B97 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\CryptnetUrlCache\MetaData\F482C95F83F1B59228F1B1E720F2EDF1 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1454471165-113007714-854245398-1004\46cf91f505436539d231e2ec05769fbd_8f3f1e18-e77e-42cb-9d50-ea485a4ce7ed Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1454471165-113007714-854245398-1004\51a9c104ddc5c110c035d1e61ca5bd2d_8f3f1e18-e77e-42cb-9d50-ea485a4ce7ed Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1454471165-113007714-854245398-1004\83aa4cc77f591dfc2374580bbd95f6ba_8f3f1e18-e77e-42cb-9d50-ea485a4ce7ed Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Forms\WINWORD.box Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\HTML Help\hh.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Media Player\0026C72A.wpl Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\map.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR35.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR36.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR37.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR38.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR39.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Backgrounds\TFR5C.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\ListCache.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\MapFile\TFR59.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\MapFile\TFR5B.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\MapFile\TFR5D.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\sqmdata00.sqm Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\sqmdata01.sqm Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\map.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR29.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2A.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2B.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2C.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2D.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2E.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR2F.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR30.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR31.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR32.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR33.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\UserTile\TFR5A.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\map.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR3C.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR3E.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR40.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR42.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR44.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR46.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR48.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR4A.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR4C.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR4E.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR50.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR52.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR54.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR56.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\1095916927\Winks3\TFR58.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\MSN Messenger\4261166245\sqmdata00.sqm Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\fbc2.tmp Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\MSO1033.acl Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\1033.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\847.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\another layout.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\burthdai list.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Desktop.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Drivers ed Poem.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Drivers Ed.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Drunk Driving Essay.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Drunk Driving Pictures.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\fadi mp3.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\index.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\My Documents.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\REFERENCES.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Removable Disk (H).LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Resume 2004.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Resume Wizard.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Resume1.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\tc.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Recent\Templates.LNK Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\VB10.pip Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Office\Word10.pip Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Proof\CUSTOM.DIC Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\24fe0b5a-77eb-4bf9-9e18-2fe5a200f812 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\47618c7c-17de-4ed3-951d-e6fb66d519de Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\5cc84152-7bb8-4020-95b4-ddcd677b3bb2 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\70f1e2d7-ff75-4b90-a286-11669a01f101 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\722e4c81-3f40-4244-890e-6586c7ee8902 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\96d6ad18-dada-407f-bb8e-39859b33844d Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\9e3a2952-f742-4cec-b1e0-6f1c6c557eec Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\b8681b46-ee5f-40c7-8097-f40428fa3674 Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Protect\S-1-5-21-1454471165-113007714-854245398-1004\Preferred Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Templates\Normal.dot Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Windows\Themes\Custom.theme Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Microsoft\Windows Messenger\1095916927\ListCache.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata001.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata002.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata003.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata004.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata005.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata006.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata007.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\MSN6\msndata008.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\20_1149283758\1570c_RBBE_IPM.swf Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\20_1149283758\start34.smi Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\3115_1150662057\060617_bom.html Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\4155_1150236877\20060613151437newmusicalerts.html Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\4155_1150499965\20060616161925newmusicalerts.html Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\7010_1149706239\6_7_ipm1.html Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\Category.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\Messages.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\Msg\SCategory.dat Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealMediaSDK\ac100000.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\cookies.txt Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\Backup\iscomplete Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\CD.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\CD.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\CDTRAX.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\CDTRAX.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYGRPS.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYGRPS.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYLIST.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYLIST.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYLIST.FPT Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYTRAX.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\PLAYTRAX.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\TRACKS.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\TRACKS.FPT Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\TRACKS2.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\TRAKINFO.CDX Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\TRAKINFO.DBF Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\db\version Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\ErrorLogs\CDBurning.log Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\ErrorLogs\DownloadMgr.log Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\ErrorLogs\GenDevices.log Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\ErrorLogs\pdgenctnomad.log Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\ErrorLogs\pdgenwmdm.log Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\-- T E C H N O M U S I C . C O M -- N....lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00063734.saf.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00064404.saf.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00068455.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00076065.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00091418.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00091689.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00093344.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\00094279.mpg.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\1.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\14.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\19.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\2.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\240359a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\276867a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\298202a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\3.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\308408a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\308456a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\310818a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\521987a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\569104a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\630422c.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\633943a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\633943b.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\636423a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\638735a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\641541a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\644876a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\644876b.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\644908a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\646342a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647461a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647702a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647790a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647870b.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647870c.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\647870d.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\648210a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\648210c.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\648232a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\649032a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\649469a.lnk Object is locked skipped
C:\Documents and Settings\Fadi\Application Data\Real\RealPlayer\History\649677b.lnk Object is locked skipped