Logfile of HijackThis v1.99.1
Scan saved at 4:22:25 PM, on 6/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\HPJETDSC.EXE
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\Sony\OpenMG Jukebox\Omgtray.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\Program Files\McAfee\McAfee VirusScan\Webscanx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://searchbar.fin...iteyouneed.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://searchbar.fin...iteyouneed.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://searchbar.fin...iteyouneed.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.mdg.caR1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
http://searchbar.fin...iteyouneed.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.drs...esearch.cgi?id=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://websearch.drs...esearch.cgi?id=R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default-homep.../start.cgi?hklmR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://websearch.drs...esearch.cgi?id=R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://websearch.drs...esearch.cgi?id=R3 - URLSearchHook: IncrediFindBHO Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O1 - Hosts: 80.69.74.15 auto.search.msn.com
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\ATPART~1.DLL (file missing)
O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {302A3240-4805-4a34-97D7-1645A0B08410} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [lar] C:\WINDOWS\system32\llass.exe
O4 - HKLM\..\Run: [easywww] C:\windows\easywww2.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [sgsm32m] C:\WINDOWS\system32\sgsm32m.exe
O4 - HKLM\..\Run: [sjter40m] C:\WINDOWS\system32\sjter40m.exe
O4 - HKLM\..\Run: [kvdqyji] rundll32 C:\WINDOWS\system32:kvdqyji.dll,Init 1
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [lar] C:\WINDOWS\system32\llass.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HP JetDiscovery] HPJETDSC.EXE
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: OpenMG Jukebox Startup.lnk = C:\Program Files\Sony\OpenMG Jukebox\Omgtray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mdg.ca
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...kr.cab30149.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...er.cab30149.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab30149.cabO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates Technologies, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 4:12:41 PM, 6/11/2005
+ Report-Checksum: 2CB70310
+ Date of database: 6/11/2005
+ Version of scan engine: v3.0
+ Duration: 23 min
+ Scanned Files: 46956
+ Speed: 32.95 Files/Second
+ Infected files: 111
+ Removed files: 111
+ Files put in quarantine: 111
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: No
+ Scanned items:
C:\
D:\
+ Scan result:
C:\Documents and Settings\admin\Cookies\admin@advertising[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Cookies\admin@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Cookies\admin@bfast[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Cookies\admin@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Cookies\
[email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\admin\Local Settings\Temp\polmx.exe -> TrojanDownloader.Agent.ae -> Cleaned with backup
C:\Documents and Settings\admin\Local Settings\Temp\THI560D.tmp\farmmext.exe -> Spyware.ConsCorr -> Cleaned with backup
C:\Documents and Settings\admin\Local Settings\Temp\wupdt.exe -> TrojanDownloader.Intexp -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@276[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@5[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@6[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@advertising[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@bfast[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@fastclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@S126436[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\d@S150137[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\D\Local Settings\Temp\DrTemp\INTLRECO.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\D\Local Settings\Temp\polall1m.exe -> TrojanDownloader.Agent.ae -> Cleaned with backup
C:\Documents and Settings\D\Local Settings\Temp\preInsTT.exe -> Trojan.KeyHost.e -> Cleaned with backup
C:\Documents and Settings\D\Local Settings\Temp\twaintec.dll -> Spyware.BiSpy.t -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\ed@bluestreak[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\ed@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\ed@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\ed@real[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Cookies\ed@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\APC\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\APL\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\BTH\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\BZL\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\cd_clint.dll -> Spyware.Cydoor -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\CKY\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\Del8.tmp -> Spyware.180solutions -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\DFN\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\djtopr1150.exe -> Spyware.WebRebates.g -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\EAC\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\EHD\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\EJN\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\FTU\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\GKN\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\GRM\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\GTJ\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\HQP\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\HXQ\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\jkill.exe -> Spyware.VX2 -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\KYJ\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\LIQ\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\MBI\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\MVT\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\RIH\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\RZP\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\SFG\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\SSM\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\SZY\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\THI1574.tmp\preInsTT.exe -> Trojan.KeyHost.e -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\THI1574.tmp\twaintec.dll -> Spyware.BiSpy.c -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\THI40C1.tmp\preInsTT.exe -> Trojan.KeyHost.e -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\THI40C1.tmp\twaintec.dll -> Spyware.BiSpy.c -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\TLE\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\TWK\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\UWG\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\VVC\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\WMV\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\WZN\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\XSQ\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\YDF\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\Ed\Local Settings\Temp\ZYF\aurareco.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Program Files\Common Files\SearchUpgrader\SearchUpgrader.exe -> TrojanDownloader.Keenval.g -> Cleaned with backup
C:\Program Files\IncrediFind\BHO\IncFindBHO180.dll -> Trojan.Keenval.a -> Cleaned with backup
C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE -> Spyware.MyWay.b -> Cleaned with backup
C:\Program Files\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS -> Spyware.MyWay -> Cleaned with backup
C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL -> Spyware.MyWay.e -> Cleaned with backup
C:\updaterInstall_112.exe -> TrojanDownloader.Keenval -> Cleaned with backup
C:\WINDOWS\$NtServicePackUninstall$\netmeet.htm -> Worm.Nimda -> Cleaned with backup
C:\WINDOWS\96wu19rd.exe -> TrojanDropper.Small.gt -> Cleaned with backup
C:\WINDOWS\Bolger.dll -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\farmmext.exe -> Spyware.ConsCorr -> Cleaned with backup
C:\WINDOWS\ncmyb.dll -> Spyware.180solutions -> Cleaned with backup
C:\WINDOWS\nfvbluikpcz.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\polmx.exe -> TrojanDownloader.Agent.ae -> Cleaned with backup
C:\WINDOWS\preInsTT.exe -> Trojan.KeyHost.e -> Cleaned with backup
C:\WINDOWS\redirect9a.exe -> Spyware.VB.ge -> Cleaned with backup
C:\WINDOWS\systb.dll -> Spyware.ToolBar.ImiBar.b -> Cleaned with backup
C:\WINDOWS\systb.exe -> Trojan.Imiserv.c -> Cleaned with backup
C:\WINDOWS\system32\ATPartners.dll -> TrojanDownloader.Rameh.c -> Cleaned with backup
C:\WINDOWS\system32\BO2809040510.exe -> Spyware.VirtualBouncer.d -> Cleaned with backup
C:\WINDOWS\system32\dyrmjnd.exe -> Trojan.Agent.cp -> Cleaned with backup
C:\WINDOWS\system32\in10b6s.dll -> Trojan.Revop.c -> Cleaned with backup
C:\WINDOWS\system32\MegasearchBarSetup.exe -> Spyware.MegaSearch -> Cleaned with backup
C:\WINDOWS\system32\msbb.exe -> Spyware.180solutions -> Cleaned with backup
C:\WINDOWS\system32\msbb321.dll -> Spyware.180solutions -> Cleaned with backup
C:\WINDOWS\system32\PopOops.dll -> Spyware.VirtualBouncer.g -> Cleaned with backup
C:\WINDOWS\system32\PopOops2.dll -> Spyware.VirtualBouncer.g -> Cleaned with backup
C:\WINDOWS\system32\redirect5.exe -> Spyware.DotComMisc.ToolBar.b -> Cleaned with backup
C:\WINDOWS\system32\SWLAD1.dll -> Spyware.VirtualBouncer.g -> Cleaned with backup
C:\WINDOWS\system32\SWLAD2.dll -> Spyware.VirtualBouncer.g -> Cleaned with backup
C:\WINDOWS\system32\SWRT01.dll -> Spyware.VirtualBouncer.g -> Cleaned with backup
C:\WINDOWS\system32\WebRebates.exe -> Spyware.WebRebates.b -> Cleaned with backup
C:\WINDOWS\Temp\Altnet\bdedownloader.dll -> Spyware.Altnet.b -> Cleaned with backup
C:\WINDOWS\Temp\Altnet\dman25.dll -> Spyware.BrillianDigital -> Cleaned with backup
C:\WINDOWS\wupdsnff.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\wupdt.exe -> TrojanDownloader.Intexp -> Cleaned with backup
::Report End