Logfile of HijackThis v1.99.1
Scan saved at 12:57:56 PM, on 10/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\cisvc.exe
C:\WINNT\ehome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\ehome\ehtray.exe
C:\WINNT\system32\CTHELPER.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Thomson multimedia\RCA Lyra MP3 Jukebox\Profiler\LYRAHDDProfilerTrayApp.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\WINNT\ehome\ehmsas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\SIGMA\Photo Pro\SIGMA_AutoLaunch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINNT\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\cleanmgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINNT\system32\cidaemon.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 207.80.59.209:80
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_2_3_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_2_3_0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINNT\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LyraHDProfiler] "C:\Program Files\Thomson multimedia\RCA Lyra MP3 Jukebox\Profiler\LYRAHDDProfilerTrayApp.exe"
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [NI.UWAS5LP_0001_0811] "C:\Documents and Settings\JD\Local Settings\Temporary Internet Files\Content.IE5\2P0V8NAJ\WAS5Scan[1].exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:Keyboard Preload Check
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - Startup: SIGMA Photo Pro AutoLaunch.lnk = C:\Program Files\SIGMA\Photo Pro\SIGMA_AutoLaunch.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...kr.cab27571.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) -
http://go.microsoft....738&clcid=0x409O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zon...er.cab28578.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai...all/xscan53.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...StatsClient.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.c.../ymmapi_416.dllO16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) -
http://chat.yahoo.com/cab/yvwrctl.cabO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 12:48:14 PM, 10/16/2005
+ Report-Checksum: D5B70C0D
+ Scan result:
HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard\Settings -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard\Setup -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard\Temp Internet Shares -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\LocalFiles -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\TopSearch -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO\CLSID -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO\CLSID\\ -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO\CurVer -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO.1 -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\BHO.PerfectNavBHO.1\CLSID\\ -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C} -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8B8F6968-2F24-41E3-B653-E9613226F14D} -> Spyware.KeenValue : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8B8F6968-2F24-41E3-B653-E9613226F14D}\TypeLib\\ -> Spyware.SearchUpgrader : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{DE289BFA-737B-4ABB-A4EC-F8753551B875} -> Spyware.SearchUpgrader : Cleaned with backup
HKLM\SOFTWARE\Classes\WinadX.Installer -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\WinadX.Installer\CLSID -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\WinadX.Installer\CLSID\\ -> Spyware.WinFavorites : Cleaned with backup
HKLM\SOFTWARE\Cydoor -> Spyware.Cydoor : Cleaned with backup
HKLM\SOFTWARE\Gator.com -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\AppInfo -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\CMEII -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/Install.dll\\.Owner -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/Install.dll\\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinadX.dll\\.Owner -> Spyware.WinFavorites : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinadX.dll\\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup
HKU\S-1-5-21-4011730921-3500939666-135915560-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
C:\Documents and Settings\JD\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-52f8636b.class -> TrojanDownloader.Small.wv : Cleaned with backup
C:\Documents and Settings\JD\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-26266d45.zip/Beyond.class -> TrojanDropper.Beyond.g : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\JD\Cookies\
[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\JD\Cookies\jd@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\JD\Desktop\My Stuff\Programs\Setup.exe -> Spyware.AlexaBar : Cleaned with backup
C:\Documents and Settings\Kayla\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0F.dat/files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\Program Files\Altnet -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab (incomplete) -> Spyware.Altnet : Cleaned with backup
C:\Program Files\BullsEye Network -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\BullsEye Network\ad.dat -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\BullsEye Network\ub.dat -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Common Files\Sony Shared\Visualizer\ExlGen.dll -> Dialer.Generic : Cleaned with backup
C:\Program Files\ISTbar -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\ISTbar\navmain.bmp -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\ISTbar\search.bmp -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\ISTbar\version_xml.php -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\ISTbar\xml_istbar.php -> Spyware.ISTBar : Cleaned with backup
C:\Program Files\Mightsoft\Audio Editor Pro\areditor.exe -> Backdoor.Agobot.we : Cleaned with backup
C:\Program Files\Save -> Spyware.SaveNow : Cleaned with backup
C:\Program Files\Save\ReadMe.txt -> Spyware.SaveNow : Cleaned with backup
C:\Program Files\Save\save.db -> Spyware.SaveNow : Cleaned with backup
C:\Program Files\Save\save.htm -> Spyware.SaveNow : Cleaned with backup
C:\Program Files\Save\store.db -> Spyware.SaveNow : Cleaned with backup
C:\Program Files\Web_Rebates -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Ap1150 -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Ap1150\merc1187.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Ap1150\psid1187.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Ap1150\topr1150.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Da1150 -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Da1150\1150sh.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Da1150\41b5360c7efd.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Da1150\JD -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Da1150\JD\41b53614383f.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\README.txt -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150 -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\foot1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\foot1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\f_popo1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\f_popo1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\f_spec1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\f_spec1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\popo1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\pref1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\remv1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\scri1150a.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Html\spec1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\p.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_envelope.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_footer.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_hdr_autotrack_remove.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_hdr_settings.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_hdr_settings_toprebates.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_pop_circles.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Images\topr_c_pop_circles_bg2.gif -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Sy1150 -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Sy1150\1150_0.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Sy1150\1150_1.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Sy1150\1150_2.dat -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150 -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\foot1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\foot1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\f_popo1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\f_popo1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\f_spec1150c_rb.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\f_spec1150c_ub.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\log.txt -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\popo1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\pref1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\remv1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm -> Spyware.WebRebates : Cleaned with backup
C:\Program Files\Web_Rebates\Sy1150\Tp1150\spec1150c.htm -> Spyware.WebRebates : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP670\A0088003.sys -> Trojan.Rootkit.Agent.af : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP675\A0091417.exe -> Spyware.AlexaBar : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP675\A0091418.exe -> Spyware.AlexaBar : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP686\A0094496.dll -> TrojanDownloader.Small.bpk : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP690\A0097837.dll -> Spyware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP696\A0100075.dll -> Spyware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP696\A0100566.dll -> TrojanDownloader.ConHook.k : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP697\A0100594.dll -> Spyware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP697\A0100606.dll -> Spyware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP697\A0100619.dll -> Spyware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{14777EC5-8DD8-4F5E-8CCA-9D8D102AA20D}\RP697\A0100632.dll -> Spyware.Virtumonde : Cleaned with backup
C:\WINNT\system32\drivers\df_kmd.sys -> Trojan.Rootkit.Agent.af : Cleaned with backup
C:\WINNT\system32\mac80ex.idf/C:/WINNT/system32/msbe.dll -> Spyware.BargainBuddy : Cleaned with backup
C:\WINNT\system32\mac80ex.idf/C:/Program Files/BullsEye Network/bin/bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINNT\system32\mac80ex.idf/C:/Program Files/BullsEye Network/bin/adv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINNT\system32\mac80ex.idf/C:/Program Files/BullsEye Network/bin/adx.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINNT\wt\wtupdates\webd\4.1.1\files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINNT\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINNT\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINNT\wt\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
::Report End