I have done everything that you told me to do and apparently the ad popups are gone. But the infected files detected from the panda scan are still in my computer. What should I do about that? Thank you for all your help. Here are the logs:
Hijackthis log:Logfile of HijackThis v1.99.1
Scan saved at 12:41:40 AM, on 12/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\GetRight\getright.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.62.19.139:80
R3 - Default URLSearchHook is missing
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: C:\WINDOWS\adsldpbe.dll - {7507739F-BC2E-4DC3-B233-816783C25DC9} - C:\WINDOWS\adsldpbe.dll (file missing)
O2 - BHO: (no name) - {DA223E41-3F7F-4B2B-8CC8-22C6A1197EEB} - C:\WINDOWS\prflbmsgp32.dll (file missing)
O4 - HKLM\..\Run: [workflo] D:\install\WorkFlow.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Dgxyfo] C:\Program Files\Qynqx\Cwcombc.exe
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [o8jfc0Ph$vùõš/‚²‘ÆC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\uoxxls.exe
O4 - HKLM\..\Run: [o8jfc0PhP] C:\WINDOWS\uoxxls.exe
O4 - HKLM\..\Run: [uF3g34i] mf3bkup.exe
O4 - HKLM\..\Run: [Á³# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\uoxxls.exe
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P19 "EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [KAV50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [p2pnetworking] p2pnetworking.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [fosmRQG3U] symntfy.exe
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [alexa] c:\windows\alexa.exe
O4 - HKCU\..\Run: [ClearCookies] C:\WINDOWS\cc.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PDFtypewriter - {B5EE1724-E26C-4431-A8F3-96FC5FE55CA1} - C:\Program Files\PDFtypewriter\PDFtypewriterie.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: Secure Global Desktop Client, 3.4 -
https://asp2.extra-n...ava/ttaC-du.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....738&clcid=0x409O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Ewido log:---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 2:39:22 AM, 12/8/2005
+ Report-Checksum: 5773A4A2
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKU\S-1-5-21-57989841-1532298954-1801674531-1003\Software\Alexa Internet -> Spyware.Alexa : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Cuong\Application Data\Netscape\NSB\Profiles\fnr1aes4.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Cuong\Cookies\cuong@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Cuong\Cookies\
[email protected][1].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Cuong\Cookies\cuong@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Cuong\Cookies\
[email protected][1].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\downloads\pacificpoker.exe -> Spyware.Casino : Cleaned with backup
C:\My Shared Folder\frank1.5.zip/setup.exe -> Downloader.IstBar.nk : Cleaned with backup
C:\My Shared Folder\frankbot.zip/1.wmv -> Downloader.WMA.Wimad.d : Cleaned with backup
C:\My Shared Folder\hold'em inspector.zip/setup.exe -> Downloader.IstBar.nj : Cleaned with backup
C:\My Shared Folder\party poker script.rar/setup.exe -> Downloader.IstBar.nj : Cleaned with backup
C:\Program Files\PDF Editor 2\setup.exe -> Trojan.Crypt.e : Cleaned with backup
C:\Program Files\Shareaza\Downloads\123 Flash Menü.zip/setup.exe -> Trojan.Crypt.e : Cleaned with backup
C:\Uploads\123 Flash Menü.zip/setup.exe -> Trojan.Crypt.e : Cleaned with backup
C:\WINDOWS\mpatrol.dll -> Downloader.Delf.vt : Cleaned with backup
C:\WINDOWS\q3627937.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\q7228234.dll -> Spyware.Hijacker.Generic : Cleaned with backup
E:\command.exe -> Dropper.Delf.ev : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@adorigin[1].txt -> Spyware.Cookie.Adorigin : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@centrport[1].txt -> Spyware.Cookie.Centrport : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@clickagents[1].txt -> Spyware.Cookie.Clickagents : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@excite[1].txt -> Spyware.Cookie.Excite : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@mysearch[2].txt -> Spyware.Cookie.Mysearch : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@overture[2].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@pro-market[1].txt -> Spyware.Cookie.Pro-market : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@qksrv[2].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\
[email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
E:\Documents and Settings\Dad\Local Settings\Temp\atiupdate.exe -> Downloader.Delf.ep : Cleaned with backup
E:\Program Files\MySearch\bar\1.bin\NPMYSRCH.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MySearch\bar\1.bin\S4BAR.DLL -> Spyware.MySearch : Cleaned with backup
E:\Program Files\MySearch\bar\1.bin\S4PLUGIN.DLL -> Spyware.MyWebSearch : Cleaned with backup
::Report End
panda log:Incident Status Location
Adware:adware/cws Not disinfected C:\Documents and Settings\Cuong\Favorites\Fun & Games
Dialer:dialer.cso Not disinfected HKEY_CLASSES_ROOT\CCACCESS.CHECKCONTROL
Adware:adware/spysheriff Not disinfected Windows Registry
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Cuong\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-4ef836e7-2d64bab7.zip[BlackBox.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Cuong\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-4ef836e7-2d64bab7.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Cuong\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-4ef836e7-2d64bab7.zip[Dummy.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Cuong\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-4ef836e7-2d64bab7.zip[Beyond.class]