Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

what do i do now? [RESOLVED]

Started by otismansfla , May 12 2005 07:17 PM

  • This topic is locked This topic is locked

#31
otismansfla
Posted 13 June 2005 - 01:54 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
yes that cleared it and returned me to my chosen homepage,,,,,,,,,,,,,,,,thank-you again,,,,,,,,,does this mean i have some of this click search still in my computer?and if so should i just go to tools each time?.......again thank you for your help...........you are the MAN/WOMAN!!...........whatever the case may be..............take care ..................Otis
  • 0

Advertisements

#32
Guest_usetobe_*
Posted 13 June 2005 - 02:01 PM

Guest_usetobe_*
  • Guest
I think there maybe a remnant left in the registery, that is not found by HJT.

Open up internet explorer, click on tools then internet options, then click on security, click on restricted sites icon, then click on rstricted sites button and enter the www address of the clickserch site in the add box, then click the add button then apply and ok.

Let me know if you get any warnings about the site been in another zone.
  • 0

#33
otismansfla
Posted 14 June 2005 - 11:58 AM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
hello usetobe..............thank-you for answering me so fast..............i did not recieve any warnings........after i clicked add .....i wasnt able to click apply because it didnt highlight itself...........i clicked ok and it kicked me back to the icon page...........but omg!............can i delete all the sites in the restricted sites page?..........some of them are scary..............i have been back onto my homepage without any difficulties since that one time ....so maybe it was a freak accident..........i do think you are correct about some remnants left tho......there are times when the computer acts funny .............ive done three scans with avg and on the last 2 the same infections that i deleted were there again...........all 600 of them.....i deleted them again ............the computer is still running great.............the firewall is awesome...............thank you again........................otis
  • 0

#34
Guest_usetobe_*
Posted 14 June 2005 - 12:03 PM

Guest_usetobe_*
  • Guest
Hello otis, no please leave the one's in restricted zone alone, that means that you cannot access those sites.

Please carry out an online virus scan from the link below, save the log it produces and post it back in this thread.

Panda active scan
  • 0

#35
otismansfla
Posted 14 June 2005 - 03:51 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Incident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Adware:Adware/MyWay No disinfected C:\Program Files\MySearch
Adware:Adware/StatBlaster No disinfected Windows Registry
Adware:Adware/FavoriteMan No disinfected C:\WINDOWS\downloaded program files\ATPartners.inf
Adware:Adware/Tubby No disinfected C:\WINDOWS\SYSTEM\MTC.ini
Adware:Adware/Adsmart No disinfected C:\WINDOWS\sys???.exe
Adware:Adware/Adsmart No disinfected C:\WINDOWS\SYSMON.EXE
Spyware:Spyware/Bridge No disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\jao.dll
Adware:Adware/NetPals No disinfected C:\WINDOWS\Downloaded Program Files\ATPartners.inf
Spyware:Spyware/Bridge No disinfected C:\WINDOWS\Downloaded Program Files\jao.dll
Adware:Adware/Tubby No disinfected C:\WINDOWS\SYSTEM\MTC.ini
Adware:Adware/TopSpyware No disinfected C:\WINDOWS\SYSTEM\spoolsrv32.exe
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\SYSTEM\bi2.exe
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\INF\BI2.INF
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\.jpi_cache\jar\1.0\count.jar-5980bc51-3b05af09.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\.jpi_cache\jar\1.0\count.jar-5980bc51-3b05af09.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\.jpi_cache\jar\1.0\count.jar-5980bc51-3b05af09.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\WINDOWS\.jpi_cache\jar\1.0\count.jar-5980bc51-3b05af09.zip[Beyond.class]
  • 0

#36
Guest_usetobe_*
Posted 15 June 2005 - 01:17 AM

Guest_usetobe_*
  • Guest
Hi otis,

Launch Notepad, and copy/paste the box below into a new text file. Save it as FindFile.bat and save it on your Desktop.

dir C:\WINDOWS\sys???.exe /a h > files.txt
notepad files.txt


Locate FindFile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Please post the text here.
  • 0

#37
otismansfla
Posted 15 June 2005 - 04:25 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
C:\WINDOWS\Desktop>
C:\WINDOWS\Desktop>CODEdir C:\WINDOWS\sys???.exe /a h > files.txt
Bad command or file name

C:\WINDOWS\Desktop>notepad files.txt

C:\WINDOWS\Desktop>
  • 0

#38
Guest_usetobe_*
Posted 15 June 2005 - 04:32 PM

Guest_usetobe_*
  • Guest
Hi otis,

Do it again, but this time just the bit in the white box, not the word code at the top.


just this bit

dir C:\WINDOWS\sys???.exe /a h > files.txt
notepad files.txt
  • 0

#39
otismansfla
Posted 15 June 2005 - 05:15 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
C:\WINDOWS\Desktop>dir C:\WINDOWS\sys???.exe /a h > files.txt
Too many parameters - h

C:\WINDOWS\Desktop>notepad files.txt

C:\WINDOWS\Desktop>
  • 0

#40
Guest_usetobe_*
Posted 16 June 2005 - 10:57 AM

Guest_usetobe_*
  • Guest
Hi Ots,

Please disable spysweeper and also Spybot teatimer.

I need you open up notepad, to copy all of the Killbox file paths below and paste them into Notepad.

C:\Program Files\MySearch
C:\WINDOWS\downloaded program files\ATPartners.inf
C:\WINDOWS\SYSTEM\MTC.ini
C:\WINDOWS\SYSMON.EXE
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\jao.dll
C:\WINDOWS\Downloaded Program Files\ATPartners.inf
C:\WINDOWS\Downloaded Program Files\jao.dll
C:\WINDOWS\SYSTEM\spoolsrv32.exe
C:\WINDOWS\SYSTEM\bi2.exe
C:\WINDOWS\INF\BI2.INF


* Please double-click Killbox.exe to run it.

* Select "Delete on Reboot".

* Open the Notepad file where you saved the file paths earlier and copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C

* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If your computer does not restart automatically, please restart it manually.

Then carry out a free online virus check from the following link

Kaspersky

Then carry out a further online scan at ACTIVESCAN.

Panda Activescan

Paste back the results
  • 0

Advertisements

#41
otismansfla
Posted 17 June 2005 - 02:41 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Incident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Adware:Adware/MyWay No disinfected C:\Program Files\MySearch
Adware:Adware/nCase No disinfected C:\WINDOWS\msbb*
Adware:Adware/StatBlaster No disinfected Windows Registry
Adware:Adware/nCase No disinfected C:\WINDOWS\msbb.exe.temp
-------------------------------------------------------------------------------
KASPERSKY ANTI-VIRUS WEB SCANNER REPORT
Friday, June 17, 2005 13:04:33
Operating System: Microsoft Windows Millennium Edition
Kaspersky Anti-Virus Web Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 17/06/2005
Kaspersky Anti-Virus database records: 126702
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - Critical Areas:
C:\WINDOWS
C:\WINDOWS\TEMP\

Scan Statistics:
Total number of scanned objects: 14944
Number of viruses found: 2
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 1479 sec

Infected Object Name - Virus Name
C:\WINDOWS\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-3b5949d2.zip/javainstaller/InstallerApplet.class Infected: Trojan.Java.OpenStream.w
C:\WINDOWS\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-3b5949d2.zip Infected: Trojan.Java.OpenStream.w
C:\WINDOWS\.jpi_cache\jar\1.0\archive.jar-60d4ac05-2abcb4bc.zip/binny/binny.class Infected: Trojan.Java.Binny.a
C:\WINDOWS\.jpi_cache\jar\1.0\archive.jar-60d4ac05-2abcb4bc.zip Infected: Trojan.Java.Binny.a

Scan process completed.
-------------------------------------------------------------------------------
KASPERSKY ANTI-VIRUS WEB SCANNER REPORT
Friday, June 17, 2005 14:52:20
Operating System: Microsoft Windows Millennium Edition
Kaspersky Anti-Virus Web Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 17/06/2005
Kaspersky Anti-Virus database records: 126702
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
a:\
c:\
d:\

Scan Statistics:
Total number of scanned objects: 39301
Number of viruses found: 25
Number of infected objects: 887
Number of suspicious objects: 0
Duration of the scan process: 6128 sec

Infected Object Name - Virus Name
c:\_RESTORE\TEMP\A0128372.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\TEMP\A0171690.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0171695.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0171700.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0171705.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0171710.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0172694.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0172707.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0172715.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0173698.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0173705.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0173713.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0175692.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0176702.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0176707.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0176766.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0176782.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0177699.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0177741.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0178736.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0178739.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180691.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180694.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180699.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180702.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180704.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180707.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180709.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180712.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180714.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180717.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180719.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180722.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0180724.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0180727.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0181692.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0181695.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0181699.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0181707.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0181710.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0181712.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0181715.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0182740.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0182743.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0183691.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0183694.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0183696.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0183699.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0183704.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0183707.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0183710.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0184736.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184739.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184741.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184744.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184746.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184749.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184751.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184754.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184763.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184766.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184773.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0184911.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184914.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184916.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184919.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184921.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184924.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184926.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184929.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0184994.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0184997.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0185036.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0185039.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0185041.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0185044.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0185046.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0185049.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0185926.CPY Infected: Trojan-Dropper.Win32.Small.uy
c:\_RESTORE\TEMP\A0185932.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0185951.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0185954.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0185955.CPY Infected: Trojan.Win32.TopAntiSpyware.h
c:\_RESTORE\TEMP\A0186033.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0186037.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0186040.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0186042.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0186053.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0186056.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0186977.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0186980.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0186982.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0188010.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0188013.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0188015.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0188945.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0189938.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0190932.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0190946.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0190949.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0190961.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0191010.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0191021.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0191024.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0191942.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0191948.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0191949.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0191955.CPY Infected: Trojan-Downloader.Win32.Agent.kf
c:\_RESTORE\TEMP\A0192984.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0192997.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0193000.CPY Infected: Trojan.Win32.Agent.ct
c:\_RESTORE\TEMP\A0193002.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0194020.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0194073.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0194087.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0194516.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0194521.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0194588.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194589.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194590.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194592.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0194593.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194594.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194595.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194598.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194599.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194600.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194602.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0194603.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194604.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194605.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194608.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194609.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194610.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194612.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194613.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194614.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194616.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194617.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194618.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194620.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194621.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194622.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194624.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194625.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194626.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194629.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194630.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194631.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194633.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194634.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194635.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194637.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194638.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194639.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194642.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194965.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194966.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194976.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194977.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194978.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0194990.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0195003.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0195012.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0195073.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0196040.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0196044.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0196058.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0196061.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0196075.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0196078.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197132.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\TEMP\A0197137.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197139.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0197142.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197145.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197148.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197152.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197256.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197259.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197278.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197296.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197299.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197301.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197335.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197336.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197337.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197340.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197341.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197342.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197350.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197351.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197352.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197504.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197507.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197509.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197537.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197540.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197542.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197565.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197566.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197567.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197574.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197577.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197581.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0197588.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197593.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197603.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197606.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197613.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197616.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197620.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0197621.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197624.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197635.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197638.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197654.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197657.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197666.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197669.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197672.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197675.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197683.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197686.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197689.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197692.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0197789.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197790.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197791.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0197824.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0197829.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0198714.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0198725.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0198728.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0198846.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0198847.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0198852.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199001.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199012.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199015.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199045.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199056.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199059.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199104.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199115.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199118.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199128.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199129.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199134.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199196.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199197.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199198.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199200.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199201.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199202.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199204.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199205.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199206.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199208.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199209.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199210.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199212.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199213.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199214.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199216.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199217.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199218.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199338.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199341.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199342.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199357.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199358.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199359.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199361.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199362.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199363.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199377.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199380.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199383.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199402.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199405.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199407.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199476.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0199477.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199482.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199484.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199498.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199501.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199503.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199522.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199527.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199529.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199555.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199558.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199562.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199605.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199608.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199611.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199616.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0199619.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0199621.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0199627.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199628.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199629.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199631.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199632.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0199633.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0200646.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0200649.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0201884.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0201976.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202012.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202016.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202068.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202073.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202075.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202079.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202084.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202086.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202110.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202113.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202115.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202132.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202135.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202137.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202149.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202152.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202155.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202213.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202218.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202220.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202229.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202232.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202236.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202239.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202242.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202246.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202249.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202252.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202256.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202259.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202264.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202266.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0202274.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0202277.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0202281.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0203291.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0203294.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0203296.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0203316.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0203319.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0203322.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0203326.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0203329.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0203332.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0203438.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0203454.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0203457.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0204085.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0204088.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0204090.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0204105.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0204108.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0204110.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0204123.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0204126.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0204128.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0206621.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0206624.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0206627.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0206695.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0206700.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0206702.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207700.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207703.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207706.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207712.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207715.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207718.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207723.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207726.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207728.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207733.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207736.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207780.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207783.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207788.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207846.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207850.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207853.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207856.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207875.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207878.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207881.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207885.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0207888.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207891.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0207898.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0207903.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208067.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208123.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208126.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208152.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208158.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208161.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208164.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208214.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208217.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208220.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208224.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208227.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208230.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208236.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208241.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208243.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208246.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208251.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208253.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208256.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208261.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208263.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208267.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208271.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208273.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208302.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208305.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208310.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208318.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208321.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208324.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208329.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208332.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208334.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208337.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208342.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208344.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208492.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208495.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208497.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208511.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208516.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208518.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208522.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208526.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208528.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208536.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208539.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208542.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0208546.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0208549.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0208552.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209489.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209492.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209497.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209529.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209532.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209534.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209565.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209568.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209572.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209575.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209578.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209582.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209585.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209588.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209592.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209595.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209597.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209615.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209618.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209620.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209635.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209638.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209642.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0209655.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209658.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209668.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209671.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209673.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0209706.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0209707.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209708.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209709.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209713.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209753.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0209793.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209794.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0209795.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209796.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0209802.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209805.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0209808.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209829.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209832.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0209835.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209846.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209847.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0209852.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209863.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0209866.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0209868.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0210803.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0210806.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211024.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211027.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211029.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0211032.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0219129.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0219131.CPY Infected: Trojan-Downloader.Win32.Agent.ga
c:\_RESTORE\TEMP\A0211069.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0211070.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211071.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211072.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0211073.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211074.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211075.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211076.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0211077.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211078.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211079.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211080.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211081.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0211082.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211083.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211084.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211085.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211086.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0211087.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211088.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211089.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211090.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0211126.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211129.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211133.CPY Infected: Trojan.Win32.Agent.ct
c:\_RESTORE\TEMP\A0211140.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0219133.CPY Infected: Trojan-Proxy.Win32.Sobit.e
c:\_RESTORE\TEMP\A0219137.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211199.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211200.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211205.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211235.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211238.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211241.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211249.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211252.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211255.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211295.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211296.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0211301.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211303.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211306.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211311.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211313.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211316.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211319.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211323.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0211336.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211339.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211409.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0211420.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211423.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211428.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211431.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211433.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0211444.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211447.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0211455.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0211458.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0211461.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0212371.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0212378.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0213383.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0213395.CPY Infected: Trojan-Dropper.Win32.Small.vn
c:\_RESTORE\TEMP\A0213398.CPY Infected: Trojan.Win32.Agent.ct
c:\_RESTORE\TEMP\A0213401.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0213403.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0213406.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0214409.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214473.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0214477.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0214481.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0214489.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0214490.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214491.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214492.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214493.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214494.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0214495.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214496.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214497.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214498.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0214499.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214500.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214501.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214505.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214506.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214507.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0214508.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214509.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214510.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0214516.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0214519.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0214521.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0214609.CPY Infected: Trojan.Win32.Agent.ct
c:\_RESTORE\TEMP\A0214610.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0214613.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0214619.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0214629.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0214632.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0214634.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0215635.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0215638.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0215642.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0215650.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\A0215657.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0215660.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0215664.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0215671.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0215674.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0215684.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0215687.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0215689.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0217699.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0217702.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0217703.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\WP.1 Infected: Trojan.Win32.Agent.ct
c:\_RESTORE\TEMP\A0217748.CPY Infected: Trojan-Dropper.Win32.Small.zp
c:\_RESTORE\TEMP\A0217751.CPY Infected: Trojan-Downloader.Win32.Adload.g
c:\_RESTORE\TEMP\A0217753.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\TEMP\A0217762.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\TEMP\A0222838.CPY Infected: Trojan.Win32.WebSearch.j
c:\_RESTORE\TEMP\A0222839.CPY Infected: Trojan.Win32.WebSearch.i
c:\_RESTORE\TEMP\JAO.0 Infected: Trojan-Spy.Win32.Briss.k
c:\_RESTORE\TEMP\JAO.1 Infected: Trojan-Spy.Win32.Briss.k
c:\_RESTORE\ARCHIVE\FS2204.CAB/A0160801.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2204.CAB/A0160856.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2204.CAB/A0160867.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2204.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2198.CAB/A0157714.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2198.CAB/A0157768.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2198.CAB/A0157782.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2198.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2200.CAB/A0158747.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2200.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2201.CAB/A0158797.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2201.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2208.CAB/A0160892.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2208.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2214.CAB/A0160903.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2214.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2223.CAB/A0161978.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2223.CAB/A0161983.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2223.CAB/A0162009.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2223.CAB/A0162020.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2223.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2217.CAB/A0160948.CPY Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2217.CAB Infected: Trojan-Dropper.Win32.Small.ty
c:\_RESTORE\ARCHIVE\FS2225.CAB/A0162991.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2225.CAB Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2240.CAB/A0165136.CPY Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2240.CAB Infected: Trojan-Dropper.Win32.Small.yw
c:\_RESTORE\ARCHIVE\FS2258.CAB/A0168308.CPY Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\ARCHIVE\FS2258.CAB Infected: Trojan-Dropper.Win32.Small.oy
c:\_RESTORE\ARCHIVE\FS1452.CAB/A0121210.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1452.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1460.CAB/A0121417.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1460.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1461.CAB/A0121469.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1461.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1546.CAB/A0123439.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1546.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1517.CAB/A0121698.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1517.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1552.CAB/A0125746.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1552.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1534.CAB/A0121963.CPY Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1534.CAB Infected: Backdoor.Win32.Agent.en
c:\_RESTORE\ARCHIVE\FS1535.CAB/A0122019.CPY Infected: Backdoor.Win32.Agent.en
c:\_RE
  • 0

#42
Guest_usetobe_*
Posted 17 June 2005 - 02:51 PM

Guest_usetobe_*
  • Guest
Hi otis.

I need you open up notepad, to copy all of the Killbox file paths below and paste them into Notepad.

C:\Program Files\MySearch
C:\WINDOWS\msbb.exe.temp
C:\WINDOWS\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-3b5949d2.zip/javainstaller/InstallerApplet.class
C:\WINDOWS\.jpi_cache\jar\1.0\javainstaller.jar-4514e5ea-3b5949d2.zip
C:\WINDOWS\.jpi_cache\jar\1.0\archive.jar-60d4ac05-2abcb4bc.zip/binny/binny.class
C:\WINDOWS\.jpi_cache\jar\1.0\archive.jar-60d4ac05-2abcb4bc.zip

* Please double-click Killbox.exe to run it.

* Select "Delete on Reboot".

* Open the Notepad file where you saved the file paths earlier and copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C

* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If your computer does not restart automatically, please restart it manually.

Rescan with HJT and post th log back
  • 0

#43
otismansfla
Posted 17 June 2005 - 03:21 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Logfile of HijackThis v1.99.1
Scan saved at 5:16:48 PM, on 6/17/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\DESKTOP\SSAAD.EXE
C:\PROGRAM FILES\COMMON FILES\ADAPTEC SHARED\CREATECD\CREATECD50.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Gateway Ink Monitor] C:\Program Files\Gateway\Gateway Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\WINDOWS\DESKTOP\SSAAD.EXE
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [OEMRUNONCE] c:\windows\options\cabs\oemrun.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\DEFALERT.EXE
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Ink Monitor] C:\PROGRA~1\EPSON\INKMON~1\InkMonitor.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.support.f...oad/tgctlcm.cab
O16 - DPF: {3CC943C7-3C99-11D4-8135-0050041A5144} (RunExeActiveX.UserControl1) - file://C:\Program Files\Gateway\HelpSpot\RunExeActiveX.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/...gx/GrooveAX.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {8EF27A70-DD04-11D6-B7F6-00A0C9CD5F8A} - http://www.quikshield.com/qshsetup.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...ebscan_ansi.cab
  • 0

#44
Guest_usetobe_*
Posted 17 June 2005 - 03:39 PM

Guest_usetobe_*
  • Guest
hi otis.

To delete all the restore points on your computer, disable and re-enable system restore on the system. Click Start, Control Panel, and then the System icon. Click on the System Restore tab in the dialog box, select the Turn off System Restore check box, and click Apply. Clear the check box again to re-enable System Restore and then click OK.


Your log appears to be clear, however i will leave the thread open a little while whilst we make sure.

From your log, I see nothing in the ways of trojans, nor any evil entities attempting to possess your computer, except for Windows but it's too late for that one. :tazz:

Congratulations your log now appears to be clean. ;)

Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:

Detect and Remove Programs:
  • How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
  • How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
Prevention Programs:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
Other necessary Programs:
  • AntiVirus Program<= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kapersky, this is a must have.
  • Firewall<= A firewall is definatley a must have. Two good free versions are Sygate and ZoneLabs.
  • More Secure Browser<= Internet Explorer is not the most secure and best browser. There are safer and better alternatives available. I recommend Firefox, however Opera and SlimBrowsers are good as well.
And also see TonyKlein's good advice
So how did I get infected in the first place? and AntiSpyware Net's spyware article: Spyware, Adware, Malware: What it is, how it got on my computer, how to get rid of it, and how to prevent it.
  • 0

#45
otismansfla
Posted 17 June 2005 - 09:07 PM

otismansfla

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
hello usetobe..........thank you again for your help......i click on the system icon in the control panel but the dialogue you ask for isnt there...........i will be out of town so i wont be able to read or respond for a few days.............take care and thank you again................otis
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP