First of all I'd like to thankyou so very much for having this great forum!
I've done everything you say to do at geekstogo.com for
a severe infection. I've also run other AntiSpyware programs for example: Microsoft AntiSpyware BETA1. In the Microsoft AntiSpyware BETA1 community forums I was told to come to your site for help. I have had Norton Internet Security Pro for many years.
I have had the quarantine area of Norton Anti Virus infected along with the Microsoft AntiSpyware quarantine recently infected.
After running all the programs your site recommends,
now when I run a virus report at Symantec the report is down
from 866 files infected to finding only 14. Although I
have deleted approx 1800 infected files with all the
adware/spyware removal tools geekstogo.com says to
download. I found the most effective was Ewido Security
Suite, it deleted 922 infected files after I had run many
other adware removal tools. And the online Ewido scan deleted another 226 files.
Symantec reports the following files on my computer as still infected:
C:\WINDOWS\n_adprxb.dat is infected with Adware.Iefeats
C:\WINDOWS\n_bhdtsj.dat is infected with Adware.WinProtect
C:\WINDOWS\n_dgfizo.dat is infected with Adware.Iefeats
C:\WINDOWS\n_ixxohn.dat is infected with Adware.Iefeats
C:\WINDOWS\n_nigkud.dat is infected with Adware.Iefeats
C:\WINDOWS\n_okbtnx.dat is infected with Adware.WinProtect
C:\WINDOWS\n_olslrr.dat is infected with Adware.WinProtect
C:\WINDOWS\n_ozpizl.dat is infected with Adware.WinProtect
C:\WINDOWS\n_poneyh.dat is infected with Adware.Iefeats
C:\WINDOWS\n_rojbbs.dat is infected with Adware.WinProtect
C:\WINDOWS\n_vkgunc.dat is infected with Adware.WinProtect
C:\WINDOWS\n_xpytru.dat is infected with Adware.Iefeats
C:\WINDOWS\n_yfjvdj.dat is infected with Adware.Iefeats
I have tried to remove those files with symantecs information pages but to no prevail.
I have found I still can't use the microsoft update page and I'm still
getting the aboutblank IE popup when I start my computer.
Microsoft gave me a download link for Windows XP Service
Pack 2 but I can't download it, Ive tried a dozen times
and the connection always gets cut off after about 60%
downloaded. But all other problems affected are gone.
I have joined your message board in hope that you all
can help me figure out how to remove the adware/spyware I
have left on my system.
My hijackthis log file is as follows:
Logfile of HijackThis v1.99.1
Scan saved at 12:15:53 PM, on 8/3/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security Professional\NISUM.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton Internet Security Professional\ccPxySvc.exe
C:\Program Files\Symantec\DeepSight Extractor\ExtractorService.exe
C:\PROGRA~1\DIRECWAY\bin\dpcproxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\WINDOWS\System32\Smtray.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\WINDOWS\system32\pctspk.exe
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\quickenw\QAGENT.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\DIRECWAY\BIN\dpcstart.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\DIRECWAY\bin\dpcnav.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\securitysuite.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Rich\My Documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\hybcr.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:83
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Class - {FFB59007-30E2-88D1-986B-566D8510B4B3} - C:\WINDOWS\ieba.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [msiy32.exe] C:\WINDOWS\msiy32.exe
O4 - HKLM\..\Run: [d3bx.exe] C:\WINDOWS\d3bx.exe
O4 - HKLM\..\Run: [sdkkz.exe] C:\WINDOWS\sdkkz.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: Dpcstart.lnk = C:\Program Files\DIRECWAY\BIN\dpcstart.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=3c01&lc=0409
O16 - DPF: Yahoo! Blackjack - http://download.game...nts/y/jt0_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.groups...plorer1_8us.cab
O16 - DPF: {0C253E15-E096-4E07-BDF9-110895A258D4} (CamfrogWEB Control) - http://camfrogweb.co..._instmodule.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1122604899732
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7565A160-5C60-4866-A120-F4D5B2BA3AAE} (FSLoaderCtrl Class) - http://www.clickedyc...fsloader_v3.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comne...iveSecurity.cab
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://getdway.com/d.../dpcsysinfo.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://www.imgag.com...all/Crusher.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.va...OCX/FlashAX.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: Domain = direcway.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: NameServer = 66.82.4.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = direcway.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: Domain = direcway.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: NameServer = 66.82.4.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = direcway.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: Domain = direcway.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{294205DE-7878-4C85-995F-3906D9589990}: NameServer = 66.82.4.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = direcway.com
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\ccPxySvc.exe
O23 - Service: Deepsight Extractor (DeepsightExtractor) - Unknown owner - C:\Program Files\Symantec\DeepSight Extractor\ExtractorService.exe
O23 - Service: DIRECWAY Webcast (DPC_SRV_WEBCAST) - Hughes Network Systems - C:\PROGRA~1\DIRECWAY\bin\dpcproxy.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: DeepSight Extractor Service for NPF03 (ExtractorServiceNPF03) - Unknown owner - C:\Program Files\Symantec\DeepSight Extractor\ExtractorServiceNPF03.exe
O23 - Service: DeepSight Extractor Service for NPF04 (ExtractorServiceNPF04) - Unknown owner - C:\Program Files\Symantec\DeepSight Extractor\ExtractorServiceNPF04.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Professional Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
My Ewido Log file is as follows:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 12:53:13 AM, 8/3/2005
+ Report-Checksum: 2FE649DF
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{07D80144-9372-FEAC-AEDD-21AE8732F067} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18EAFE7B-570B-346C-ADEF-9CDDA8A1986F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D232F9D-941D-5CD9-732F-8F6EC1977CF2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{208BD4D8-3DA2-3736-A8E6-F3AF3479FA31} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{280CA95C-CBA3-486E-5BCD-B3B542DA458A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B5A2313-AE67-454E-9A8B-F74070E57F1B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2FB10B1F-E342-08A1-CBAA-D4A2CD2ABAC6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{30C5202D-2CDD-8C6D-6CD3-86CBAC73988B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{32411A5D-AEB5-6507-BD50-A6A678D49817} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4C96C433-2EDC-3926-B873-410DB1199685} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{57CEBAAD-4565-C660-5FAF-624E13DBE3B7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F4B11A7-C0A8-0B95-8741-481C8B0029E3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{624EE67A-66C6-27E6-9794-46F79063227D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{795714A8-C9C0-E8BD-30DB-A0DA3B603993} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{826D0369-102B-4A44-F27B-D9DCC50A8EE6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83932FFA-626F-D818-24C0-738D1BC631BF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8669ABB2-7410-3460-F449-E119DCA24CC4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8E615C3C-F769-DC70-D84B-F21ECCE41EE6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8E883EC3-ABB5-0CD9-EC0A-78CB81A818D1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{98832348-0E38-D102-51A5-517934760119} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9C149FC6-86A5-C649-4760-9E20AC138BED} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A5B3B4A7-6BD2-E7CE-E654-7A1D658D1BB3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AEBAA38C-A5F4-D0FD-904B-5A1C7FCA25AF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B063B761-34B8-42D9-CBCD-08B0A1D3E8D4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC0DC8BD-646D-FA46-8739-116B4F8B8228} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C2E5E32B-0FD0-16A5-10FE-EDA2D4478683} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C35C2F78-0E5E-F4AA-FD24-04CC74056392} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D605EAFF-2C3A-4619-43C1-4FFB062F68DE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D85FBAA5-5F33-6173-D800-EFD4E38AE63E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E24280F1-5872-DD80-6349-14510DFCB851} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EB7A1A2D-9C0D-C8D4-8A9B-F6E22A647B85} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EFC71F6E-8006-6787-AAD0-B50964B31181} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F2352FD0-B78A-FC66-EE98-5DFBF99E1F48} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FB118E8B-875C-AD27-289B-C22A5B4AA454} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FBA372DA-732C-2096-07DB-AA0E71833D10} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FDEDD1BB-EE5D-1AF2-C50B-11681C5E2A93} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW -> Spyware.CoolWebSearch : Cleaned with backup
[1408] C:\WINDOWS\ntfg.exe -> Trojan.Agent.bi : Cleaned with backup
[2356] C:\WINDOWS\d3bx.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
[896] C:\WINDOWS\ieba.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\Documents and Settings\Rich\Cookies\[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Rich\Cookies\rich@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\WINDOWS\addab.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addaz32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addbo32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\adden32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addez.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addfa32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addfk32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addin32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addmq32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addna.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addnx32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addpj32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addpl.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addrt32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\addws.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apiam.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apiaw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apibd32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apibn.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apics32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apicx32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiel32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apifp32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apiig32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apikw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apimp32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apims32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apinh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiqr.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apirv32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\apisq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apivk.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apivm32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apiwy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apixy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apizx32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appae32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appal.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appal.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\appdp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appfh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appgv32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appij32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appjy.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appll32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\applt.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\appmd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\appnw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appol32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appwc32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlbh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlbn.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atlcu.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atldo.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlid32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlju.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atlks.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atllf.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atllq32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atlmx.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlnq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlpf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlpz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlsw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atltv32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atltw.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atlup32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\atlxb.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlxl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlxn32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\AtxTCBizControl03.ini:obdzan -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\AtxTCBizControl03.ini:swcgfs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\AtxTCBizPref03.ini:gzkzfm -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\AtxTCBizPref03.ini:sjgwhu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bejcr.txt:nifext -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bipew.txt:fvbevf -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\bipew.txt:lsyprg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bipew.txt:sdlkkd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bzsgb.txt:rkvlse -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\bzsgb.txt:safabj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\bzsgb.txt:tixawj -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\cdzwc.txt:iwmmfd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cdzwc.txt:sinded -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cjnzx.txt:gywasl -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\cjnzx.txt:lneaeo -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\ckypu.txt:apxrhn -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ckypu.txt:lbfryg -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ckypu.txt:qrdloi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\control.ini:slagoq -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\cpyrf.txt:hixbwi -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\craf.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crbp.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\creg32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\creo.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\criy32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crju32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crlg.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crlt.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crmk.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crnq.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crog32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crpp32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crqd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crrd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crrm32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crty.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\crty32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crwi32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crxr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cscyo.txt:lsuhsu -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3bu32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3bx.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3dl32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3ed.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3en32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3fk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3hj32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3hu32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3hz.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3iv.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3ke32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3lb32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3lq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3nc.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3nl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3nm.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3nn32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3nw32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3vf.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3vq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3wh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3xb32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3xv32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3yo32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3ze32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3zt32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\d3zv32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\desktop.ini:jqwyuw -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\desktop.ini:ozddek -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\ActiveSecurity.ocx -> Not-A-Virus.VirTool.Collector : Cleaned with backup
C:\WINDOWS\dpcnav.INI:xbhbcg -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dxkbc.txt:pourav -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\eajis.txt:alkkyr -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\efaxview.ini:rvpffw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\emell.txt:igakbw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\emell.txt:iymkep -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\emell.txt:kxhhks -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\emezx.txt:jwzshh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\fexjp.txt:amqnor -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\fexjp.txt:ibfsma -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fexjp.txt:snpabk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fexjp.txt:xcgngm -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\fexjp.txt:ytvzxn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\fyycq.txt:naiwdb -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\gcpyr.txt:bzytkb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gcpyr.txt:guadwk -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\gcpyr.txt:lknuft -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\gcpyr.txt:mophvo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\guxph.txt:islbyp -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\hduan.txt:frmrlh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\hduan.txt:qajvnu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\hduan.txt:rrqlfy -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\IconList.txt:gdpuet -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\IconList.txt:ugcovq -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\IconList.txt:ztpmyd -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\ieba.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iebl32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iedd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iefn.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iegg32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieja.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iemb.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iepd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iepg.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ierc32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ierm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ietv32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieub.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iewm.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\iexf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iexw32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ieyh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieyh.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ieyl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iezn.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\iiffn.txt:lhtfdn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipad32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ipbu.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipgc32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipia32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ipla.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipmn.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ipnw32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ipov32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ippu32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iprs32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipsz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iptc32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipuc32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ipxb.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ipye32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipyo.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipyq32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javabl32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javabz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javade32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javadp32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javahi.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javall.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javalw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\javamc.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javamu.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javanf.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javann32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javany32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javapv32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaqb.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaqg.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaqv.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javarp32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javavp.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javawm32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javaxb.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaxq.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javaxt32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaxv32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javayd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javayt32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javazg.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\javazv.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javazv.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\jeabw.txt:dinenc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kdekb.txt:lnlmne -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\kdekb.txt:mqsmag -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\kdekb.txt:ziqcgd -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\lgodf.txt:nlhwoa -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\lgodf.txt:wzymsi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Living Waterfalls.scr:gbskmy -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Living Waterfalls.scr:pwiusn -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\lsuhs.txt:hzkvga -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\lycge.txt:znmbfr -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcaf.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcaw.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\mfcck.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfccq.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcei32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcgo.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfchr.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfckb32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfclq.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcly.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcpy32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcqf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcqq32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcsh.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcvt32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcvu32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mfcxf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcym32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msaq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mscg32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msde32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msel.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msem32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msgh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msgm32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msgt32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msir32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msis32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msiy32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msks32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msma.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msmv32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msoffice.ini:atxhgv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msqa.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msrj32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msru.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msue.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\msuq32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msvw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msvz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mswf32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msyv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mszc.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\mvvcb.txt:zbssxf -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\myxki.txt:rrkpnh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ndfwy.txt:tdgiod -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ndfwy.txt:tfozfs -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netbk.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netbt32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netcn.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netfd.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netfp32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nethg.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netkh32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netlh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netmd32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netoq.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netph32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netpv32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netqr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\netqw.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netue.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netue32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netva.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\netvd.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\nmmsj.txt:eqkrcn -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\nmmsj.txt:jmeagg -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntbh.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntdk32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nteu32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntfg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntfi.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntgz.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nthk32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nthm32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\nthy32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntkj32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntkl.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntmm.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntnz32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntrp.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntrr.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\nttj32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntvj32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntxo32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ntye.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntzw32.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_bpokyg.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_bsashh.txt:aoicdv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_bsashh.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ckkdkn.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ctifxo.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_czbwvh.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_dnpavb.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_eilbai.txt:boswgt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_eilbai.txt:snwgnw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_eilbai.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_ezlgqi.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt:ayhlgb -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt:ifsjpj -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt:msvivb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt:reaipi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt:wkgiht -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_fauxkx.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_hjozfx.txt:efkjuc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_hjozfx.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hngnxm.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_hyfcmq.txt:csfecr -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_hyfcmq.txt:jvtakc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_hyfcmq.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_kjvstb.txt:vsxkwt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_kjvstb.txt:znaixi -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_kjvstb.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_lgskhg.txt:cwlffm -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_lgskhg.txt:laaeii -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_lgskhg.txt -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\n_lnueak.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_obnaeq.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_oeqfyw.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_osaqcc.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_rocnad.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_rypbri.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_smevmo.txt:xccbas -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_smevmo.txt -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\n_sqzpbd.txt:rykmcv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_sqzpbd.txt:wheucu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_sqzpbd.txt -> TrojanDownloader.Agent.oq : Cleaned with backup
C:\WINDOWS\n_tehjik.txt:qcvpud -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_tehjik.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_tnosek.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_umkrlp.txt:pzlvvv -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_umkrlp.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_vmdygn.txt:hlesfj -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_vmdygn.txt:ksejgo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_vmdygn.txt:mllgrf -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_vmdygn.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_vzapkp.txt:slgdey -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\n_vzapkp.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_yexykt.txt:bntdil -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_yexykt.txt:cwmduv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_yexykt.txt:xxwqti -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_yexykt.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_zhljmb.txt:jaskpc -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\n_zhljmb.txt:ozljnq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_zhljmb.txt:pqoevl -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_zhljmb.txt -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_zlfscd.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\n_zqhgfh.txt:cvllwo -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\n_zqhgfh.txt:gpgutx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\n_zqhgfh.txt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\oaywu.txt:gzdopb -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\oaywu.txt:ydoibq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\oaywu.txt:yqyznh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ocwqu.txt:fooesb -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ocwqu.txt:rrjfpk -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:apgyhh -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\orun32.ini:dxfrvd -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\orun32.ini:fcvwzw -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\orun32.ini:jiuyeh -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\orun32.ini:ozngli -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\orun32.ini:xaizmu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ouwyj.txt:ysflfs -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\oyaml.txt:kvbatl -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\ozngl.txt:tkyhnv -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Palace.reg:dffxyk -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\Palace.reg:puotpr -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\Palace.reg:yjeirj -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\pdedq.txt:oyrdsa -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\QDQICK.ini:cdxqes -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\QDQICK.ini:smxfgd -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\qhbxh.txt:nptirf -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\qhbxh.txt:vehvyv -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\QUICKEN.INI:coftmt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\QUICKEN.INI:eirsxh -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\quvzp.txt:damyvl -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\raszw.txt:junmut -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\rudvi.txt:ordqlx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\rudvi.txt:ttanbd -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\sdkck32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkdc.exe -> TrojanDownloader.Agent.ap : Cleaned with backup
C:\WINDOWS\sdkfc.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkge.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkig32.dll -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkjf.exe -> TrojanDownloader.Agent.