Thanks! Things appear back to normal. here are the scans.
Logfile of HijackThis v1.99.1
Scan saved at 4:24:55 PM, on 7/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Juno\exec.exe
c:\jetsuite\jsdaemon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\jetsuite\JETSTAT.EXE
C:\WINDOWS\wanmpsvc.exe
c:\jetsuite\JSFMAN.EXE
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\America Online 9.0\aolwbspd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\CSA\Hijack this\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://my.juno.com/s/spR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell4me.com/mywayR3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\JUSearch\SearchEnh1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: JunoBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\Juno\toolbar.dll
O3 - Toolbar: JunoBar - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKCU\..\Run: [Juno_uoltray] C:\Program Files\Juno\exec.exe regrun
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\JUSearch\hcm.exe" -w
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Check For Dope Wars Updates.lnk = C:\Program Files\Dopewars\WiseUpdt.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: DllCmd32.lnk = C:\jetsuite\DLLCMD32.EXE
O4 - Global Startup: HP LaserJet 3100 Status.lnk = C:\jetsuite\JETSTAT.EXE
O8 - Extra context menu item: &Search -
http://bar.mywebsear...?p=ZBzeb030YYUSO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmat...enWebRadio.html (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://my.juno.com/s/sp
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{FC3939DF-90AA-4FF8-BB8A-70AAC58C8CA9}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: jsdaemon - JetFax, Inc. - c:\jetsuite\jsdaemon.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Pre-run Files Present
~~~ Program Files ~~~
AntiVirusGold
~~~ Shortcuts ~~~
Online Dating.lnk
~~~ Favorites ~~~
adult
cars
sexual life
shopping
job search.url
poker.url
Online Gambling.url
online dating.url
Black Jack Online.url
Online Pharmacy\Adipex.url
Black Jack Online.url
Home Loan.url
Network Security.url
Online Dating.url
Online Pharmacy.url
Remove Spyware.url
Spam Filters.url
Take It Here - Free * TGP.url
Web Detective.url
Online Gambling folder
Online Pharmacy folder
~~~ system32 folder ~~~
oleadm.dll
intel32.exe
oleadm32.dll
wp.bmp
intmonp.exe
ole32vbs.exe
msole32.exe
hp***.tmp
shnlog.exe
intmon.exe
hhk.dll
logfiles
~~~ Windows directory ~~~
screen.html
sites.ini
popuper.exe
~~~ Drive root ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Post-run Files Present
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Wininet.dll ~~~
CLEAN!
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 3:13:55 PM, 7/21/2005
+ Report-Checksum: 1731B0B1
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FF8DA190-3574-11D4-8068-0060082AE372} -> Spyware.BingoFun : Cleaned with backup
C:\Program Files\Common Files\nlfnbtft\nrlrerbnnp\barhlbppl.exe -> Adware.Gator : Cleaned with backup
C:\Program Files\Common Files\nlfnbtft\pjtrcanr\jcrjlarl.exe -> Adware.Gator : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP277\A0027427.exe -> TrojanDropper.Small.aaw : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP284\A0028520.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP288\A0028595.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP288\A0028596.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP288\A0028625.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP288\A0029595.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP288\A0029597.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0029617.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0030596.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0030598.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0031596.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0031597.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032595.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032596.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032616.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032622.exe -> Trojan.Favadd.ae : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032646.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032647.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP289\A0032648.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP290\A0032672.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032722.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032723.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032724.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032751.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032756.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032757.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032760.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP293\A0032779.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032821.dll -> Adware.Gator : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032822.dll -> Adware.Gator : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032823.dll -> Adware.Gator : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032824.exe -> Adware.Gator : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032931.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032934.EXE -> Spyware.Wesbar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032936.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032938.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032939.SCR -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032941.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032942.EXE -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032943.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032944.DLL -> Spyware.Wesbar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032945.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032946.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032956.DLL -> Spyware.MyWebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032960.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032961.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032962.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032969.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032970.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP294\A0032971.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP295\A0033969.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP295\A0033970.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP295\A0033971.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP296\A0034001.exe -> Trojan.Favadd.ae : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP296\A0034009.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP296\A0034014.exe -> Trojan.Puper.w : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP296\A0034015.exe -> Trojan.Puper.ab : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP296\A0034017.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034069.exe -> Trojan.Puper.aa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034151.dll -> Trojan.Puper.t : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034227.exe -> TrojanDownloader.Zlob.q : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034238.exe -> Trojan.Agent.ff : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034298.exe -> Trojan.Small.eu : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034302.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP297\A0034307.exe -> Trojan.Puper.w : Cleaned with backup
C:\WINDOWS\SYSTEM32\f3PSSavr.scr -> Spyware.MyWebSearch : Cleaned with backup
::Report End
Incident Status Location
Adware:adware/funweb No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8.inf
Adware:adware/popuper No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\DESKTOP\Remove Spyware.url
Adware:adware/mywebsearch No disinfected HKEY_CLASSES_ROOT\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
Adware:adware/myway No disinfected HKEY_LOCAL_MACHINE\software\classes\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-117173c4-5724410f.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-14336c1d-647d6d8c.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-18277250-1bea9d84.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1fed52ea-4392746b.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-2d846299-66882e5e.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-328e5f69-2a97fea7.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-3873b1a5-1746daad.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-408f90f9-16a120a8.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-44a144ed-14ff1c1d.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-66e1ddb8-405aebaa.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7b55500e-2eac0c88.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\NAPERVILLE\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-8687c6b-4b8c8b25.zip[Dummy.class]
Adware:Adware/FunWeb No disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8.inf