OK, I did everything that was to be done. But, the ccleaner does not show up in safe mode. I ran it in normal mode.
Here is the HJT log
Logfile of HijackThis v1.99.1
Scan saved at 1:34:49 PM, on 7/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ShortKeys2\shklite.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\turyb.dll/sp.html#44768
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://my.ebay.com/w...y...H:MYEBAY:USR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://websearch.drs...esearch.cgi?id=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\turyb.dll/sp.html#44768
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://websearch.drs...esearch.cgi?id=R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://websearch.drs...esearch.cgi?id=R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.sony.com/vaiopeopleR3 - Default URLSearchHook is missing
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: ShortKeys Lite.lnk = C:\Program Files\ShortKeys2\shklite.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_07\bin\npjpi142_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_07\bin\npjpi142_07.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.t...all/xscan60.cabO16 - DPF: {163A949D-2A1F-4B4C-AE46-83D0F59BE189} (X4 Control) -
http://192.168.2.104/XHD.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....738&clcid=0x409O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg...v45/yacscom.cabO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.r...ip/RdxIE601.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupd...b?1101941899821O16 - DPF: {7CDD074F-98A9-4DB4-9DD2-B6F26B5F30DA} (InstallerAX Class) -
http://foxmovies.a.c...installerAX.cabO16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) -
http://chat.yahoo.com/cab/yacsui.cabO16 - DPF: {7EC687F9-9EFB-4FA3-A5BA-197C3461448A} (Rm Control) -
http://67.67.86.193/RM.cabO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) -
https://java.sun.com...indows-i586.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.popcap.co...aploader_v6.cabO16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) -
http://www.sparedoll...age/XUpload.ocxO18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
Here is the Ewido scan
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 1:07:59 PM, 7/29/2005
+ Report-Checksum: D3504700
+ Scan result:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
[840] c:\windows\system32\vnbfetn.exe -> Adware.BetterInternet : Cleaned with backup
:mozilla.14:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.36:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.37:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.38:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.39:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.137:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.138:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.139:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.151:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.152:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.153:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.154:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.155:C:\Documents and Settings\bilall suleman\Application Data\Mozilla\Firefox\Profiles\hpxzu9ny.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall suleman@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall
[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall
[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall suleman@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall
[email protected][2].txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall suleman@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\bilall suleman\Cookies\bilall
[email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\bilall suleman\Local Settings\Temp\180sainstallernusalm.exe/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\bilall suleman\Local Settings\Temp\Cookies\bilall
[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\bilall suleman\Local Settings\Temp\Cookies\bilall
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\bilall suleman\Local Settings\Temp\Cookies\bilall
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\0DB38A3C-A96A-48C9-9DE6-CB0166\15C112F7-F8E5-4F18-8D04-B9FF00 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1E54BBDC-45CE-4900-9EFD-4973CC\7E7EAEED-7826-4DF1-A7AB-B5172F -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1E54BBDC-45CE-4900-9EFD-4973CC\A4D0D7E7-9CCF-48DB-9D36-6D6B79 -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1F4693D6-6543-4B4C-830F-62E3A9\34DE9390-A83B-4E5D-A015-F4A106 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\406E74C9-45E8-415B-8EA2-8238AA\096AB18B-E9EA-4548-9E0E-7FFD54 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\837CA503-7754-41DC-A870-1CEC36\2E52A1C1-EED3-4352-8421-928957 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\837CA503-7754-41DC-A870-1CEC36\316AD56A-0653-4FF5-8A78-F5F019 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\837CA503-7754-41DC-A870-1CEC36\5B20DF7F-FBCC-4B81-B86A-F5E575 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\837CA503-7754-41DC-A870-1CEC36\60755A0D-BC26-4853-A060-9A5CBC -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\88E3DD3C-9F85-4881-A70E-CA18A6\51C63F21-72F9-41AF-B37E-59A860 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8F5561FF-6A91-4743-B94F-233866\CA6A758C-3920-48ED-AF1B-FFCA27 -> TrojanDownloader.Agent.ex : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98AAFE24-B037-4290-BC6B-94A576\01749DF6-9F6A-4122-B2FC-442357 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98AAFE24-B037-4290-BC6B-94A576\C0AAD91C-E473-4C5D-8005-B40BEF -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98AAFE24-B037-4290-BC6B-94A576\DA242039-33EE-4591-84E0-35D8D0 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\98AAFE24-B037-4290-BC6B-94A576\EA1E3677-C183-4F57-A47A-E49ED3 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B87C964B-57EE-4771-9AD0-76A2A7\2483E8E9-394A-4792-83FF-04267F -> Spyware.Pacer : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\BD0816E2-E58D-445E-8D74-C794C4\076F8BF0-84AA-49B0-B027-55010F -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C84BE41D-C55E-46B6-B46C-A0537E\A49D3838-829B-4681-848D-BB5CE9 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C90BA6B4-E6BB-49C5-BD95-FFB2D2\3E19984D-5820-4715-B275-69A8B5 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C90BA6B4-E6BB-49C5-BD95-FFB2D2\CF8B3470-6803-4E02-A085-B4985D -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C90BA6B4-E6BB-49C5-BD95-FFB2D2\F1FC28B2-C5E9-4F92-9F28-5ED69E -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C90BA6B4-E6BB-49C5-BD95-FFB2D2\F98EC7FC-5D22-4FDB-8D8C-997A59 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E096FC8E-65A5-46E5-BE51-DF5596\47B94950-6893-48A7-A4FE-68B8CB -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E69B7480-8B99-4A17-B52A-9D0988\000C6562-623D-4BE4-9994-7981EF -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E69B7480-8B99-4A17-B52A-9D0988\65DADF98-A49E-4285-8A1C-2F9467 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E69B7480-8B99-4A17-B52A-9D0988\BF83E2AB-73C9-45C5-BDB3-64BCF6 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E69B7480-8B99-4A17-B52A-9D0988\F08D2978-196C-4615-BBD7-0AA10D -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Mozilla Firefox\plugins\npzango.dll -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.PornWare.PopCap.b : Cleaned with backup
C:\WINDOWS\dsr.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINDOWS\iryth.txt:tsbed -> TrojanDownloader.Agent.kd : Cleaned with backup
C:\WINDOWS\jdkcwr.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Model.txt:jmvgw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\vnbfetn.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Temp\b.com -> TrojanDropper.Agent.pb : Cleaned with backup
::Report End