I hope someone can help me as I have been now trying to sort this for 3 days and have only just today come across your site today. I have been experiencing loads of pop ups informing me I have spyware installed on my system, it seems to have now taken over Internet Explorer and as many scans as I have been trying whatever it is keeps coming back - to be honest I now haven't a clue what to do!
I have run all the prepartion tasks as requested and although it seemed to remove a lot of threats etc they just seem to come back. (Internet Explorer now does not work at all and I have to access the internet through BT Yahoo!)
Here is a copy of my Hijack Log (followed by the Ewido report):
Logfile of HijackThis v1.99.1
Scan saved at 17:40:49, on 23/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Rach\LOCALS~1\Temp\se.dll/space.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Rach\LOCALS~1\Temp\se.dll/space.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {816BD0AB-1359-408A-9594-7CB7F2CF9215} - C:\WINDOWS\System32\nlcf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Rach\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program Files\Microsoft AntiSpyware\gcASCleaner.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [narkwk] C:\WINDOWS\System32\narkwk.exe
O4 - Global Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: BT Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.btinternet.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.c..._1/yregucfg.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.../UK/install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1129812282763
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://downloads.bro...tivePreQual.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...ta/SymAData.dll
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) - https://register.bto...twebcontrol.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{819B6FA9-21E8-4E72-BDCD-C827B2388305}: NameServer = 194.74.65.68 194.72.9.34
O18 - Filter: text/html - {4D6101A6-AB56-48D4-BE5B-F9A6611DF701} - C:\WINDOWS\System32\nlcf.dll
O18 - Filter: text/plain - {4D6101A6-AB56-48D4-BE5B-F9A6611DF701} - C:\WINDOWS\System32\nlcf.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
and the Ewido report
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 17:31:12, 23/10/2005
+ Report-Checksum: 9515E339
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID\\ -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CurVer -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control.1 -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control.1\CLSID\\ -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{1E1B2878-88FF-11D3-8D96-D7ACAC95951A}\TypeLib\\ -> TrojanSpy.PerfectKeylogger : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HDPlugin1014.dll\\.Owner -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/HDPlugin1014.dll\\{DBAE7000-01EC-4162-8FEB-8A27AC937CA0} -> Spyware.Gator : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Spyware.CoolWebSearch : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A} -> Spyware.Antispykeylog : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKU\S-1-5-21-643571872-3238835185-2771580065-1007\Software\GIANTCompany\AntiSpyware\Alerts\2B319740-5E94-4AC4-A2FA-56B47B\\RegistryKey -> Spyware.E2Give : Cleaned with backup
HKU\S-1-5-21-643571872-3238835185-2771580065-1007\Software\GIANTCompany\AntiSpyware\Alerts\7F81E10B-EF94-4838-B65F-27A134\\RegistryKey -> Spyware.E2Give : Cleaned with backup
HKU\S-1-5-21-643571872-3238835185-2771580065-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKU\S-1-5-21-643571872-3238835185-2771580065-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A} -> Spyware.Antispykeylog : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
[516] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[540] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[584] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[596] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[736] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[796] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[836] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[876] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[928] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1088] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1112] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1120] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1300] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1324] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1364] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1520] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1556] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1624] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1868] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[324] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1540] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1664] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1640] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1820] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1944] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1980] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[1992] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2016] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2092] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2228] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2420] C:\WINDOWS\System32\narkwk.exe -> TrojanSpy.VB.eh : Cleaned with backup
[2456] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2472] C:\WINDOWS\System32\narkwk.exe -> TrojanSpy.VB.eh : Error during cleaning
[2488] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2532] C:\WINDOWS\System32\kwk_32.exe -> TrojanSpy.Agent.gk : Cleaned with backup
[2720] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2756] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2856] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[2880] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[3188] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
[3212] C:\WINDOWS\System32\kwk_32.dll -> TrojanSpy.Agent.gk : Error during cleaning
C:\Documents and Settings\Luis\Local Settings\Temporary Internet Files\Content.IE5\IR6F2GAI\exitpoplight[1].htm -> Trojan.NoClose.i : Cleaned with backup
C:\Documents and Settings\Rach\Cookies\rach@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Rach\Cookies\rach@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Rach\Cookies\rach@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Rach\Cookies\rach@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temp\Cookies\rach@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4khdpsdpgmdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temp\ei.exe.tcf -> TrojanDownloader.Small.bgl : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temp\jnnf.exe.tcf -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temp\phnh.exe.tcf -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temporary Internet Files\Content.IE5\85INW12V\ei[1].exe.tcf -> TrojanDownloader.Small.bgl : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temporary Internet Files\Content.IE5\LGKRDLC5\mm[1].js -> Spyware.Chitika : Cleaned with backup
C:\Documents and Settings\Rach\Local Settings\Temporary Internet Files\Content.IE5\OTUFK5EN\wbk244.tmp -> TrojanDropper.Zerolin : Cleaned with backup
C:\Documents and Settings\Will\Cookies\[email protected][1].txt -> Spyware.Cookie.Itrack : Cleaned with backup
C:\Program Files\E2G\IeBHOs.dll -> Spyware.E2Give : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1468C2F5-D806-4559-80D5-0C41FA\33D04B22-1AD9-4A53-B601-B04DD8 -> Spyware.E2Give : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\46E18FB0-DC0C-41DE-BA5F-449E96\829EEFA4-8510-4D92-8112-BE6AC1 -> Spyware.E2Give : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000003.dll -> Spyware.E2Give : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000304.exe -> TrojanSpy.Perfectkeylogger.153 : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000305.dll -> Not-A-Virus.Monitor.Perflogger.i : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000306.exe.tcf -> TrojanSpy.Agent.f : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000307.exe.tcf -> TrojanSpy.Agent.f : Cleaned with backup
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP1\A0000308.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\btwebcontrol.dll -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\SYSTEM32\kwk_32.exe -> TrojanSpy.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\narkwk.exe -> TrojanSpy.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\__delete_on_reboot__kwk_32.dll -> TrojanSpy.Agent.gk : Cleaned with backup
::Report End
Please help!!
Sign In
Create Account
