[merchantz]

It is not shutting down to the blue screen in normal mode which is good!

It is running slow/stuttering a lot when iTunes runs.

Is there a way to test if it is fully recovered?

What Virus protection would you recommend for standard use?

Cheers

[Advertisements]

Hi, merchantz

Please run the F-Secure Online Scanner to discard any other problems:

Note: This Scanner is for Internet Explorer Only!

• Follow the Instruction Here for installation.
• Accept the License Agreement.
• Once the ActiveX installs,Click Full System Scan
• Once the download completes,the scan will begin automatically.
• The scan will take some time to finish,so please be patient.
• When the scan completes, click the Automatic cleaning (recommended) button.
• Click the Show Report button and Copy&Paste the entire report in your next reply along with a fresh Hijackthis log.

As an Antivirus, Node32 has received excellent reviews.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

[JSntgRvr]

Hi, merchantz

Please run the F-Secure Online Scanner to discard any other problems:

Note: This Scanner is for Internet Explorer Only!

• Follow the Instruction Here for installation.
• Accept the License Agreement.
• Once the ActiveX installs,Click Full System Scan
• Once the download completes,the scan will begin automatically.
• The scan will take some time to finish,so please be patient.
• When the scan completes, click the Automatic cleaning (recommended) button.
• Click the Show Report button and Copy&Paste the entire report in your next reply along with a fresh Hijackthis log.

As an Antivirus, Node32 has received excellent reviews.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

[merchantz]

Ok Hijack Log.....

Logfile of HijackThis v1.99.1
Scan saved at 22:16:42, on 04/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony...eu/PforVAIO.htm
O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - C:\Program Files\Vyooh\DiskView\VizBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe









Scanning Report
Wednesday, January 03, 2007 22:22:32 - 23:29:19

Computer name: OLLILAPTOP
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\ I:\
Result: 302 malware found
Adware.BHO(generic) (spyware)

* System (Disinfected)

Adware.MyToolbar (spyware)

* System (Disinfected)

W32/DLoader.BISV (virus)

* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035763.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035765.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035767.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035769.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035771.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035773.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035809.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035811.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035813.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035815.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035817.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035819.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035821.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035823.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035825.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035827.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035829.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035831.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035833.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035835.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035837.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035839.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035841.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035843.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035845.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035847.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035849.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035851.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035853.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035855.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035857.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035859.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035861.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035863.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035865.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035867.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035869.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035871.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035873.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035875.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035877.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035879.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035881.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035883.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035885.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035887.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035889.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035891.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035893.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035895.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035897.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035899.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035901.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035903.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035905.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035907.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035909.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035911.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035913.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035915.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035917.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035919.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035921.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035923.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035925.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035927.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035929.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035931.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035933.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035935.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035937.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035939.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035941.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035951.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035967.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035983.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035985.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035991.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036009.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036023.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036035.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036045.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036099.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036101.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036103.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036105.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036107.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036109.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036111.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036113.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036115.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036117.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036119.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036121.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036123.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036125.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036127.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036129.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036131.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036133.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036135.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036137.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036139.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036141.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036143.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036145.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036147.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036149.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036151.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036153.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036155.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036157.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036159.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036161.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036163.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036165.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036167.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036169.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036171.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036173.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036175.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036177.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036179.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036181.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036183.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036185.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036187.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036189.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036191.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036193.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036195.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036197.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036199.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036201.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036203.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036205.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036207.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036209.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036211.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036213.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036215.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036217.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036219.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036221.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036223.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036225.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036227.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036229.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036231.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036233.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036235.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036237.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036239.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036241.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036243.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036245.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036247.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036249.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036251.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036253.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036255.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036257.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036259.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036261.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036263.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036265.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036267.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036269.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036271.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036273.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036275.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036277.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036279.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036281.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036283.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036285.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036287.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036289.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036291.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036293.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036295.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036297.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036299.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036301.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036303.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036305.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036307.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036309.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036311.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036313.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036315.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036317.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036319.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036321.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036323.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036325.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036327.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036329.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036331.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036333.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036335.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036337.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036339.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036341.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036343.EXE (Submitted)

W32/DLoader.BJTC (virus)

* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035943.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035945.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035947.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035949.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035953.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035955.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035957.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035959.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035961.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035963.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035965.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035969.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035971.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035973.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035975.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035977.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035979.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035981.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035987.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035989.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035993.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035995.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035997.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0035999.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036001.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036003.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036005.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036007.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036011.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036013.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036015.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036017.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036019.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036021.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036025.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036027.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036029.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036031.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036033.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036037.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036039.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036041.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036043.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036047.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036049.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036051.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036053.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036055.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036057.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036059.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036061.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036063.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036065.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036067.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036069.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036071.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036073.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036075.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036077.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036079.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036081.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036083.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036085.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036087.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036089.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036091.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036093.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036095.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0036097.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046535.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046537.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046539.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046541.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046550.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\A0046551.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE09.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE19.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE29.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE39.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE49.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE59.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE69.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE79.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_0.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_1.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_2.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_3.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_4.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_5.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_6.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_7.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_8.EXE (Submitted)
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\DOCTORWEB\QUARANTINE\UPDATE_9.EXE (Submitted)

Win32.TrojanDownloader.Delf (spyware)

* System (Disinfected)

Statistics
Scanned:

* Files: 30883
* System: 4706
* Not scanned: 6

Actions:

* Disinfected: 3
* Renamed: 0
* Deleted: 0
* None: 299
* Submitted: 299

Files not scanned:

* C:\HIBERFIL.SYS
* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SOFTWAREDISTRIBUTION\EVENTCACHE\{81651A54-51C8-4829-A889-11328E6C0068}.BIN
* C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
* C:\DOCUMENTS AND SETTINGS\OLIVER STANDING\LOCAL SETTINGS\TEMP\HSPERFDATA_OLIVER STANDING\3532

Options
Scanning engines:

* F-Secure Libra: 2.4.2, 2007-01-02
* F-Secure AVP: 7.0.171, 2007-01-03
* F-Secure Orion: 1.2.37, 2006-12-29
* F-Secure Blacklight: 1.0.53, 0000-00-00
* F-Secure Draco: 1.0.35, 0260-02-44
* F-Secure Pegasus: 1.19.0, 2006-11-19

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX
* Use Advanced heuristics

Copyright © 1998-2006 Product support |Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

[JSntgRvr]

Hi, merchantz

That took care of it.

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - C:\Program Files\Vyooh\DiskView\VizBar.dll (file missing)

Now close all windows and browsers, other than HiJackThis, then click Fix Checked.

Close Hijackthis.

The rest of the log looks clear. Congratulations.

Whenever you have a chance upgrade your JAVA. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Ugrading Java:

• Download the latest version of Java Runtime Environment (JRE) 6.
• Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
• Click the "Download" button to the right.
• Check the box that says: "Accept License Agreement".
• The page will refresh.
• Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
• Check any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java version.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on the download to install the newest version.

Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programmes changing them. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(Windows XP)

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK..

Create a Restore point:

• Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
• In the System Restore dialog box, click Create a restore point, and then click Next.
• Type a description for your restore point, such as "After Cleanup", then click Create.

The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

• Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  
• AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.
  
• SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  
• SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  
• IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  
• CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
  
• Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

Best wishes!

[JSntgRvr]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.