thank you very much for your help. im sorry it took me so long to respond. here are my hijack this and ewindo logs.
Logfile of HijackThis v1.99.1
Scan saved at 7:57:27 PM, on 5/20/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Yahoo!\browser\ybrowser.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
c:\windows\system32\dowpcj.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jack\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://yahoo.sbc.com/dslR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.htmlR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.emachines.com/F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ActiveX Control - {21D916BD-3AF3-4E79-90F7-7F1536B07BAD} - C:\WINDOWS\System32\msurz.dll (file missing)
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [Setup experation] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
O4 - HKLM\..\Run: [veozgx] c:\windows\system32\dowpcj.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\RunOnce: [ms_dwjf.exe] ms_dwjf.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {F90DD082-AF00-4640-84A2-74FC814A27C1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F90DD082-AF00-4640-84A2-74FC814A27C1} - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: ChatSpace Full Java Client 4.0.0.301 -
http://www.ldschat.c...va/cfs40301.cabO16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...er.cab31267.cabO16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4B55FE21-325E-48D5-9B39-9B430D639EE8} (ScanFile.FileScan) -
http://www.contentpu...om/ScanFile.CABO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by13fd.bay13....es/MsnPUpld.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{73BDADEB-F29F-49DF-A527-553378F35305}: NameServer = 69.50.176.156,195.225.176.31
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
and here is my ewindo scan.
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 7:50:01 PM, 5/20/2005
+ Report-Checksum: 5C7360B4
+ Date of database: 5/17/2005
+ Version of scan engine: v3.0
+ Duration: 23 min
+ Scanned Files: 38855
+ Speed: 27.99 Files/Second
+ Infected files: 80
+ Removed files: 80
+ Files put in quarantine: 80
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: No
+ Scanned items:
C:\
+ Scan result:
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@19495311[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@adknowledge[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@advertising[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@atdmt[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@com[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@fastclick[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@hitbox[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@indiads[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@LPpacificsunwear[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@realmedia[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@real[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@S144556[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@tradedoubler[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy &
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Cookies\chrissy & alyssa@valueclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Chrissy & Alyssa\Local Settings\Temp\4.tmp\thnall1ac.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Jack\Cookies\jack@atdmt[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Desktop\backups\backup-20050415-224643-849.dll -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Documents and Settings\Jack\Desktop\backups\backup-20050416-235802-325.dll -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Documents and Settings\Jack\Desktop\backups\backup-20050417-002946-659.dll -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@advertising[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@fastclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@realmedia[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\
[email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\jack@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\DJY\uacupg.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\temp.frB0A7 -> Trojan.Delf.cf -> Cleaned with backup
C:\Documents and Settings\Jack\Local Settings\Temp\ZWZ\auraupg1.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Vuc and Stacy\Cookies\vuc and stacy@fastclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Vuc and Stacy\Cookies\vuc and
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Vuc and Stacy\Local Settings\Temp\DrTemp\wupdt.exe -> TrojanDownloader.Intexp.c -> Cleaned with backup
C:\Documents and Settings\Vuc and Stacy\Local Settings\Temp\msldf.exe -> Dialer.Generic -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\17300E68-EDBB-459B-8333-C62873\AE996C5E-1A7A-48EA-BAE5-03C5F9 -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\25ADA301-8BEB-41CC-98C8-239197\7FE5717D-C7C1-499E-BE22-F0EF8C -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\27FA170A-A9E9-49D9-A25B-49FC0A\224B5521-F99B-4FD3-A79A-70EFE5 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\2EF9931B-4A7B-44DF-92E7-A5E84B\5CAEE2A3-21C8-4029-AB36-9BDAF7 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\31875144-0DA3-43A4-B67D-8BDE3A\3103552B-6DB4-4C32-BD93-E7800F -> Trojan.Agent.cp -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\477A9603-0578-4442-85B1-6E4090\872D5F14-5BF5-4260-9DF2-13A9DA -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4CBAEB58-31D9-4CC2-88D0-33CDEA\8FDA43C0-E041-4CA2-BAA3-963F19 -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\5A0E99D1-97BD-4406-85DA-95B8A6\D3510754-333A-4F18-98AB-063847 -> Spyware.SBSoft.h -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\5F69DE46-F9F8-4782-940A-C780BF\5F6A2830-7C27-4C46-AD8C-933A5A -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\60982CD5-218A-428D-BD45-F3C439\2E2CF0F5-A61F-43F2-BE04-F214B4 -> Trojan.Agent.db -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6ADC2673-28B1-463B-BD7C-BBB8CB\153F11ED-86C2-4B90-AB98-DF2BFB -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\72936451-6564-4D43-B327-40FFDF\CD00210B-3623-4F10-9421-2CFDBD -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\74F27AE0-61D0-4079-89CD-DA2E84\2724EDB4-AE15-4483-A30C-1706B8 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8F7D67E3-2E98-4727-B489-A9752A\6989B13C-EDA5-4AB7-85A2-297679 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\908B2004-44D8-49BD-8874-0B1039\9BAFF382-207F-4003-956C-8F5B61 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\944FD26E-3C7A-437E-B06A-F55F67\0CE899C7-3660-400B-AF7C-026965 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9DA79536-6A24-4162-BFE7-B40383\5FE814BD-C535-437F-B0BD-13503A -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\A8A63BCC-ECD7-4FF5-B823-9B4859\3ECB01DE-71E5-4EA3-AD50-08797B -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\BF3E2DFA-D3CE-4B29-80B4-D7D6DC\B796D2BD-B85A-40DE-AF4B-6BF5C6 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CE8D5E75-C2F5-4091-8B79-884156\4E06F5BC-BA95-475C-94E2-0B2193 -> TrojanProxy.Small.bk -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E4FC2978-4B5C-4122-98F9-695BF0\D40D946C-23EE-4127-97D6-D67C59 -> Spyware.HotSearchBar.d -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E5A8B3E5-D38A-464C-8999-0CA94E\9B57014E-5B31-4919-9596-69C784 -> Not-A-Virus.HackTool.Hidd.k -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E61F56D8-2D10-4A83-AA12-B6C56C\A0CF0586-A991-4EDA-BDD2-BFB993 -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\EA4A7E6C-3CE1-4D1F-BD64-58D343\BFEF78BA-BB17-4565-8A19-BA0BEB -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\idkracqag.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\Nail.exe -> Trojan.Nail -> Cleaned with backup
C:\WINDOWS\svcproc.exe -> Trojan.Stervis.c -> Cleaned with backup
C:\WINDOWS\system32\5wo.dll -> Trojan.Delf.cf -> Cleaned with backup
C:\WINDOWS\system32\aygkaxl.exe -> Trojan.Agent.cp -> Cleaned with backup
C:\WINDOWS\system32\DrPMon.dll -> Trojan.Agent.db -> Cleaned with backup
C:\WINDOWS\system32\iwwwn.exe -> Trojan.Delf.cf -> Cleaned with backup
C:\WINDOWS\system32\nsj110.dll -> Spyware.Beginto.c -> Cleaned with backup
C:\WINDOWS\system32\nsl93.dll -> Spyware.Beginto.c -> Cleaned with backup
C:\WINDOWS\system32\nsx124.dll -> Spyware.Beginto.c -> Cleaned with backup
C:\WINDOWS\system32\shdocpl.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\svcnut.exe -> TrojanDownloader.Delf.ks -> Cleaned with backup
::Report End