Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

CPU downloading very slow.Looks like my son is at it again

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

CPU downloading very slow.Looks like my son is at it again

Unread postby pcp3 » April 25th, 2006, 9:06 am

Logfile of HijackThis v1.99.1
Scan saved at 9:03:46 AM, on 04/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Copy of HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/clas ... r=1,1,0,30
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-36.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsup ... veData.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A758EEE-A254-4679-896E-D798B424421F}: NameServer = 68.94.156.1 68.94.157.1
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoctrl.exe (file missing)
O23 - Service: ewido security suite guard - Unknown owner - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoguard.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, April 25, 2006 8:40:30 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 25/04/2006
Kaspersky Anti-Virus database records: 189743
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 70975
Number of viruses found: 18
Number of infected objects: 212
Number of suspicious objects: 0
Duration of the scan process: 00:57:51

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\WINDOWS\Downloaded Program Files\turbo.inf Infected: not-a-virus:AdWare.Win32.BetterInternet.as skipped
C:\WINDOWS\SYSTEM32\windialup\2443[1]\windialup.exe Infected: not-a-virus:Porn-Dialer.Win32.RTSMini skipped

Scan process completed.
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am
Advertisement
Register to Remove

Unread postby Bob4 » April 25th, 2006, 3:43 pm

Welcome to the Malware removal forums. I will be more than happy to help you work on your problems. Please give me some time to review your log as this can be a lengthy process. I will be back with you as soon as I can. As I am an undergrad my answers will be checked by an expert before I post back.

In the meantime
The fixes we will use are specific to your problems and should only be used for this issue on this machine.

Please only use this topic to reply to. Do not start another thread.
If any other issues arise let me know.
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear. So lets do this to the end!
Please if you decide to seek help at another forum let us know. There is a shortage of helpers and tying 2 of us up is a waste of time.
If you have any questions about any advice given here please STOP and ask!



Create a folder called HJT either in C: and place the hijackthis.exe in there. This will ensure we have back ups made and it doesn't get deleted .
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 25th, 2006, 5:45 pm

Thanks for helping me.I will do as you ask.
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 26th, 2006, 6:30 am

Clean out the temporary files.
Please download System Security Suite
Mark the page under the "Items to Clean" tab like this. Run the program.




Download the following:


Free 30 day trial of
A 2 Squared

Install and run a scan.
Let it clean anything it finds.






- Download and install the 14 day trial version of Spy Sweeper from here (If you receive alerts from your firewall, allow all activities for Spy Sweeper)
- Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it)
- You will be prompted to check for updated definitions, please do so. (This may take several minutes)
- Then configure Spy Sweeper as follows:
- From the left pane, click Options
- Then select\click the Sweep Options tab
* Under Where to Sweep: Ensure the following is selected\checked..
Sweep all Folders on Selected drives
* Under What to Sweep: Ensure the following are selected\checked...
Sweep Memory
Sweep Registry
Sweep Cookies
Sweep All Users accounts
Do Not Sweep System Restore Folder
Enable Direct Disk Sweeping
Sweep For Rootkits

- After that's done, select Sweep from the left pane & click on the Start button
- Allow Spysweeper to reboot your machine. This is a necessary step to kill the infection
- When the sweep has finished, click Remove. Click Select All and then Next
- From "Results, select the Session Log tab. Click Save to File and save the log somewhere convenient.
- Exit Spy Sweeper.
- Post the Spy Sweeper log in your next reply along with a new HJT log.





Ewido
Download Ewido

Install ewido
During the installation, uncheck the following under Additional Options:
Install background guard
Install scan via context menu

You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed,
exit ewido.
Do Not Use It Yet.

Theres alot going on in this Kaperskys log. Now I see he has ewido listed in 023 lines..But I'm thinking here it should take care of quite alot of that. A few of the trojans listed I see where spy sweeper was run in a few logs with this in a Kaperskys log.







Safe mode:
Please reboot to safe mode:
After the very first black screen start tapping the
F8 key untill prompted with a list choose safe
mode.
Heres how








Ewido Part 2
Ewido
Close all open windows/programs/folders. Have nothing else open while ewido performs its scan!
Click on scanner
Click on Settings
Under "How to scan" all boxes should be selected
Under "Possibly unwanted software" all boxes should be selected
Under "What to scan" select scan every file
Click OK
Click on Complete system scan
Let the program scan the machine
If ewido finds anything, it will pop up a notification. NOTE: You may choose to select this for all files found.
Remove anything it finds
When scan is completed, click Save report to your desktop.
Post the report in your next reply.
Exit ewido.


Run another scan from kaperskys after you do all of the above. Save the log.


Post a new HJT log along with the results of Ewido and the log from Kaperskys..
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 26th, 2006, 2:29 pm

I cant use A2 squared.It asks me for a code number to sign in.Ewido showed nothing no infected files.here is the other 2.KASPERSKY ON-LINE SCANNER REPORT
Wednesday, April 26, 2006 1:15:15 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 26/04/2006
Kaspersky Anti-Virus database records: 190030


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 68499
Number of viruses found 18
Number of infected objects 212
Number of suspicious objects 0
Duration of the scan process 00:53:10

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped

C:\WINDOWS\Downloaded Program Files\turbo.inf Infected: not-a-virus:AdWare.Win32.BetterInternet.as skipped

C:\WINDOWS\SYSTEM32\windialup\2443[1]\windialup.exe Infected: not-a-virus:Porn-Dialer.Win32.RTSMini skipped

Scan process completed.
********
8:43 AM: | Start of Session, Wednesday, April 26, 2006 |
8:43 AM: Spy Sweeper started
8:43 AM: Sweep initiated using definitions version 665
8:43 AM: Starting Memory Sweep
8:49 AM: Memory Sweep Complete, Elapsed Time: 00:05:51
8:49 AM: Starting Registry Sweep
8:49 AM: Found Adware: blazefind
8:49 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\bridge.dll (ID = 104541)
8:49 AM: Found Adware: ist istbar
8:49 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\d_loader.exe (ID = 129173)
8:49 AM: Found Adware: wild media - minigolf
8:49 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/wildapp.dll\ (2 subtraces) (ID = 135051)
8:49 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/minigolf_affiliate.exe\ (2 subtraces) (ID = 135052)
8:49 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\wildapp.dll (ID = 135057)
8:49 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\minigolf_affiliate.exe (ID = 135058)
8:50 AM: Registry Sweep Complete, Elapsed Time:00:00:25
8:50 AM: Starting Cookie Sweep
8:50 AM: Found Spy Cookie: about cookie
8:50 AM: monica@about[2].txt (ID = 2037)
8:50 AM: Found Spy Cookie: adknowledge cookie
8:50 AM: monica@adknowledge[2].txt (ID = 2072)
8:50 AM: Found Spy Cookie: adlegend cookie
8:50 AM: monica@adlegend[2].txt (ID = 2074)
8:50 AM: Found Spy Cookie: hbmediapro cookie
8:50 AM: monica@adopt.hbmediapro[2].txt (ID = 2768)
8:50 AM: Found Spy Cookie: atwola cookie
8:50 AM: monica@ar.atwola[2].txt (ID = 2256)
8:50 AM: Found Spy Cookie: ask cookie
8:50 AM: monica@ask[2].txt (ID = 2245)
8:50 AM: monica@atwola[1].txt (ID = 2255)
8:50 AM: Found Spy Cookie: bannerspace cookie
8:50 AM: monica@bannerspace[1].txt (ID = 2284)
8:50 AM: Found Spy Cookie: classmates cookie
8:50 AM: monica@classmates[1].txt (ID = 2384)
8:50 AM: Found Spy Cookie: did-it cookie
8:50 AM: monica@did-it[1].txt (ID = 2523)
8:50 AM: Found Spy Cookie: gostats cookie
8:50 AM: monica@gostats[2].txt (ID = 2747)
8:50 AM: Found Spy Cookie: go.com cookie
8:50 AM: monica@go[1].txt (ID = 2728)
8:50 AM: Found Spy Cookie: clickandtrack cookie
8:50 AM: monica@hits.clickandtrack[2].txt (ID = 2397)
8:50 AM: monica@psc.disney.go[2].txt (ID = 2729)
8:50 AM: Found Spy Cookie: reunion cookie
8:50 AM: monica@reunion[1].txt (ID = 3255)
8:50 AM: monica@travelwithkids.about[2].txt (ID = 2038)
8:50 AM: monica@www.disney.go[1].txt (ID = 2729)
8:50 AM: monica@www.reunion[1].txt (ID = 3256)
8:50 AM: Found Spy Cookie: xiti cookie
8:50 AM: monica@xiti[1].txt (ID = 3717)
8:50 AM: Found Spy Cookie: 2o7.net cookie
8:50 AM: pauly piccirillo@2o7[1].txt (ID = 1957)
8:50 AM: Found Spy Cookie: 64.62.232 cookie
8:50 AM: pauly piccirillo@64.62.232[1].txt (ID = 1987)
8:50 AM: pauly piccirillo@64.62.232[2].txt (ID = 1987)
8:50 AM: pauly piccirillo@64.62.232[3].txt (ID = 1987)
8:50 AM: pauly piccirillo@64.62.232[5].txt (ID = 1987)
8:50 AM: Found Spy Cookie: 888 cookie
8:50 AM: pauly piccirillo@888[1].txt (ID = 2019)
8:50 AM: pauly piccirillo@about[2].txt (ID = 2037)
8:50 AM: Found Spy Cookie: yieldmanager cookie
8:50 AM: pauly piccirillo@ad.yieldmanager[2].txt (ID = 3751)
8:50 AM: Found Spy Cookie: adecn cookie
8:50 AM: pauly piccirillo@adecn[2].txt (ID = 2063)
8:50 AM: pauly piccirillo@adknowledge[2].txt (ID = 2072)
8:50 AM: pauly piccirillo@adlegend[1].txt (ID = 2074)
8:50 AM: Found Spy Cookie: nextag cookie
8:50 AM: pauly piccirillo@adq.nextag[1].txt (ID = 5015)
8:50 AM: Found Spy Cookie: cc214142 cookie
8:50 AM: pauly piccirillo@ads.cc214142[1].txt (ID = 2367)
8:50 AM: pauly piccirillo@ask[1].txt (ID = 2245)
8:50 AM: Found Spy Cookie: atlas dmt cookie
8:50 AM: pauly piccirillo@atdmt[2].txt (ID = 2253)
8:50 AM: Found Spy Cookie: belnk cookie
8:50 AM: pauly piccirillo@ath.belnk[2].txt (ID = 2293)
8:50 AM: pauly piccirillo@atwola[1].txt (ID = 2255)
8:50 AM: Found Spy Cookie: azjmp cookie
8:50 AM: pauly piccirillo@azjmp[1].txt (ID = 2270)
8:50 AM: Found Spy Cookie: bizrate cookie
8:50 AM: pauly piccirillo@bizrate[2].txt (ID = 2308)
8:50 AM: pauly piccirillo@boardgames.about[1].txt (ID = 2038)
8:50 AM: pauly piccirillo@buenavistarecords.go[1].txt (ID = 2729)
8:50 AM: Found Spy Cookie: barelylegal cookie
8:50 AM: pauly piccirillo@c.fsx[1].txt (ID = 2286)
8:50 AM: pauly piccirillo@c3.gostats[1].txt (ID = 2748)
8:50 AM: Found Spy Cookie: cassava cookie
8:50 AM: pauly piccirillo@cassava[1].txt (ID = 2362)
8:50 AM: Found Spy Cookie: ccbill cookie
8:50 AM: pauly piccirillo@ccbill[1].txt (ID = 2369)
8:50 AM: pauly piccirillo@classmates[2].txt (ID = 2384)
8:50 AM: Found Spy Cookie: danni cookie
8:50 AM: pauly piccirillo@danni[1].txt (ID = 2493)
8:50 AM: pauly piccirillo@dist.belnk[2].txt (ID = 2293)
8:50 AM: pauly piccirillo@espn.go[2].txt (ID = 2729)
8:50 AM: Found Spy Cookie: experclick cookie
8:50 AM: pauly piccirillo@experclick[2].txt (ID = 2639)
8:50 AM: pauly piccirillo@gostats[1].txt (ID = 2747)
8:50 AM: pauly piccirillo@go[2].txt (ID = 2728)
8:50 AM: pauly piccirillo@hollywoodrecords.go[1].txt (ID = 2729)
8:50 AM: Found Spy Cookie: screensavers.com cookie
8:50 AM: pauly piccirillo@i.screensavers[2].txt (ID = 3298)
8:50 AM: pauly piccirillo@nextag[1].txt (ID = 5014)
8:50 AM: pauly piccirillo@proxy.espn.go[1].txt (ID = 2729)
8:50 AM: pauly piccirillo@reunion[2].txt (ID = 3255)
8:50 AM: pauly piccirillo@rsi.espn.go[1].txt (ID = 2729)
8:50 AM: Found Spy Cookie: servlet cookie
8:50 AM: pauly piccirillo@servlet[1].txt (ID = 3345)
8:50 AM: pauly piccirillo@sports.espn.go[2].txt (ID = 2729)
8:50 AM: Found Spy Cookie: stlyrics cookie
8:50 AM: pauly piccirillo@stlyrics[1].txt (ID = 3461)
8:50 AM: Found Spy Cookie: tacoda cookie
8:50 AM: pauly piccirillo@tacoda[1].txt (ID = 6444)
8:50 AM: pauly piccirillo@teenadvice.about[1].txt (ID = 2038)
8:50 AM: Found Spy Cookie: teensforcash cookie
8:50 AM: pauly piccirillo@teensforcash[2].txt (ID = 3509)
8:50 AM: Found Spy Cookie: webpower cookie
8:50 AM: pauly piccirillo@webpower[1].txt (ID = 3660)
8:50 AM: Found Spy Cookie: touchclarity cookie
8:50 AM: pauly piccirillo@webtracking.touchclarity[1].txt (ID = 3566)
8:50 AM: Found Spy Cookie: collegefucktour cookie
8:50 AM: pauly piccirillo@www.collegefucktour[2].txt (ID = 2440)
8:50 AM: pauly piccirillo@www.danni[2].txt (ID = 2494)
8:50 AM: Found Spy Cookie: redzip cookie
8:50 AM: pauly piccirillo@www.redzip[2].txt (ID = 3250)
8:50 AM: pauly piccirillo@www.screensavers[1].txt (ID = 3298)
8:50 AM: Found Spy Cookie: upspiral cookie
8:50 AM: pauly piccirillo@www.upspiral[1].txt (ID = 3615)
8:50 AM: pauly piccirillo@xiti[1].txt (ID = 3717)
8:50 AM: Found Spy Cookie: 421 cookie
8:50 AM: kathy piccirillo@421[2].txt (ID = 1971)
8:50 AM: Found Spy Cookie: askmen cookie
8:50 AM: kathy piccirillo@askmen[2].txt (ID = 2247)
8:50 AM: kathy piccirillo@ask[2].txt (ID = 2245)
8:50 AM: kathy piccirillo@atwola[1].txt (ID = 2255)
8:50 AM: kathy piccirillo@bizrate[1].txt (ID = 2308)
8:50 AM: Found Spy Cookie: directtrack cookie
8:50 AM: kathy piccirillo@directtrack[1].txt (ID = 2527)
8:50 AM: kathy piccirillo@disneyworld.disney.go[1].txt (ID = 2729)
8:50 AM: kathy piccirillo@goeurope.about[1].txt (ID = 2038)
8:50 AM: kathy piccirillo@inventors.about[2].txt (ID = 2038)
8:50 AM: kathy piccirillo@limitedtoo.directtrack[2].txt (ID = 2528)
8:50 AM: kathy piccirillo@nextag[1].txt (ID = 5014)
8:50 AM: Found Spy Cookie: pcb.peoples cookie
8:50 AM: kathy piccirillo@pcb.peoples[1].txt (ID = 3121)
8:50 AM: Found Spy Cookie: pub cookie
8:50 AM: kathy piccirillo@pub[1].txt (ID = 3205)
8:50 AM: kathy piccirillo@search.about[1].txt (ID = 2038)
8:50 AM: Found Spy Cookie: jmnad1 cookie
8:50 AM: kathy piccirillo@www.jmnad1[2].txt (ID = 2888)
8:50 AM: kathy piccirillo@www.screensavers[2].txt (ID = 3298)
8:50 AM: kathy piccirillo@www.stlyrics[1].txt (ID = 3462)
8:50 AM: Cookie Sweep Complete, Elapsed Time: 00:00:12
8:50 AM: Starting File Sweep
9:59 AM: Found Adware: webhancer
9:59 AM: ntsautodial.ini (ID = 188794)
10:00 AM: Found Adware: directrevenue-abetterinternet
10:00 AM: polmx2.inf (ID = 83430)
10:00 AM: File Sweep Complete, Elapsed Time: 01:09:55
10:00 AM: Full Sweep has completed. Elapsed time 01:16:29
10:00 AM: Traces Found: 100
********
8:05 AM: | Start of Session, Wednesday, April 26, 2006 |
8:05 AM: Spy Sweeper started
8:41 AM: Your spyware definitions have been updated.
8:43 AM: | End of Session, Wednesday, April 26, 2006 |
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 27th, 2006, 7:21 pm

MY appologies . My directions were incomplete.
Go to .this site and create a free acct for A2 squared. They will e Mail you the code number you'll need.


PLease run that program and following the dircections above post a log for A2 squared..

I also need the log from Ewido and a new HJT log.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 27th, 2006, 11:08 pm

a-squared Report
Scan started: 04/27/2006 9:19:21 PM
Scan finished: 04/27/2006 10:05:20 PM
Scan duration: 0h 45min 58sec
Scanned files: 109490
Infected files: 60

Object Diagnosis
C:\Program Files\limewire Trace.Directory.LimeWire
C:\Program Files\limewire\root Trace.Directory.LimeWire
C:\Documents and Settings\paul piccirillo\Start Menu\Programs\limewire Trace.Directory.LimeWire
C:\Program Files\limewire\clink.jar Trace.File.LimeWire
C:\Program Files\limewire\commons-httpclient.jar Trace.File.LimeWire
C:\Program Files\limewire\commons-logging.jar Trace.File.LimeWire
C:\Program Files\limewire\commons-net.jar Trace.File.LimeWire
C:\Program Files\limewire\copying Trace.File.LimeWire
C:\Program Files\limewire\daap.jar Trace.File.LimeWire
C:\Program Files\limewire\data.ser Trace.File.LimeWire
C:\Program Files\limewire\donotremove.htm Trace.File.LimeWire
C:\Program Files\limewire\genericwindowsutils.dll Trace.File.LimeWire
C:\Program Files\limewire\hashes Trace.File.LimeWire
C:\Program Files\limewire\i18n.jar Trace.File.LimeWire
C:\Program Files\limewire\icu4j.jar Trace.File.LimeWire
C:\Program Files\limewire\id3v2.jar Trace.File.LimeWire
C:\Program Files\limewire\install.log Trace.File.LimeWire
C:\Program Files\limewire\jcraft.jar Trace.File.LimeWire
C:\Program Files\limewire\jl011.jar Trace.File.LimeWire
C:\Program Files\limewire\jmdns.jar Trace.File.LimeWire
C:\Program Files\limewire\language.prop Trace.File.LimeWire
C:\Program Files\limewire\limewire on startup.lnk Trace.File.LimeWire
C:\Program Files\limewire\limewire.exe Trace.File.LimeWire
C:\Program Files\limewire\limewire.ico Trace.File.LimeWire
C:\Program Files\limewire\limewire.jar Trace.File.LimeWire
C:\Program Files\limewire\limewire20.dll Trace.File.LimeWire
C:\Program Files\limewire\log4j.jar Trace.File.LimeWire
C:\Program Files\limewire\log4j.properties Trace.File.LimeWire
C:\Program Files\limewire\logicrypto.jar Trace.File.LimeWire
C:\Program Files\limewire\looks.jar Trace.File.LimeWire
C:\Program Files\limewire\messagesbundle.properties Trace.File.LimeWire
C:\Program Files\limewire\messagesbundles.jar Trace.File.LimeWire
C:\Program Files\limewire\mp3sp14.jar Trace.File.LimeWire
C:\Program Files\limewire\pmf.ico Trace.File.LimeWire
C:\Program Files\limewire\progresstabs.jar Trace.File.LimeWire
C:\Program Files\limewire\source Trace.File.LimeWire
C:\Program Files\limewire\spacer.gif Trace.File.LimeWire
C:\Program Files\limewire\themes.jar Trace.File.LimeWire
C:\Program Files\limewire\tritonus.jar Trace.File.LimeWire
C:\Program Files\limewire\update.ver Trace.File.LimeWire
C:\Program Files\limewire\vorbis.jar Trace.File.LimeWire
C:\Program Files\limewire\windowsv5plusutils.dll Trace.File.LimeWire
C:\Program Files\limewire\xerces.jar Trace.File.LimeWire
C:\Program Files\limewire\xml.war Trace.File.LimeWire
C:\Program Files\limewire\xml-apis.jar Trace.File.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\LimeWire --> InstallDir Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\LimeWire\Type --> urn:sha1 Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\LimeWire --> DefaultIcon Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\LimeWire --> Description Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\LimeWire --> kt Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Magnet\Handlers\LimeWire --> ShellExecute Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> DisplayName Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> DisplayVersion Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> HelpLink Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> NoModify Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> NoRepair Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> Publisher Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> UninstallString Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> URLInfoAbout Trace.Registry.LimeWire
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire --> URLUpdateInfo Trace.Registry.LimeWire


Logfile of HijackThis v1.99.1
Scan saved at 10:20:04 PM, on 04/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoctrl.exe
C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\a-squared\a2start.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Program Files\Copy of HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [LexPPS.exe] C:\WINDOWS\system32\lexpps.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/clas ... r=1,1,0,30
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-36.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsup ... veData.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A758EEE-A254-4679-896E-D798B424421F}: NameServer = 68.94.156.1 68.94.157.1
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:08:03 PM, 04/27/2006
+ Report-Checksum: CDBD7745

+ Scan result:

C:\Documents and Settings\Monica\Cookies\monica@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Monica\Cookies\monica@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Monica\Cookies\monica@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\pauly piccirillo\Cookies\pauly piccirillo@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup


::Report End
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 28th, 2006, 2:03 pm

I know this seems redundant but please lets see 1 more Kaperskys scan and log.


Please do an online scan with Kaspersky Online Scanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then start to download the latest definition files.

Once the scanner is installed and the definitions downloaded, click Next.

Now click on Scan Settings
In the scan settings make sure that the following are selected:
Scan using the following Anti-Virus database:

Extended (If available otherwise Standard)
Scan Options:
Scan Archives
Scan Mail Bases
Click OK

Now under select a target to scan select My Computer

The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.

Now click on the Save as Text button:

Save the file to your desktop.

Copy and paste that information in your next post.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 28th, 2006, 6:25 pm

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, April 28, 2006 6:24:11 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 28/04/2006
Kaspersky Anti-Virus database records: 190481
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 68841
Number of viruses found: 18
Number of infected objects: 212
Number of suspicious objects: 0
Duration of the scan process: 00:54:43

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe NSIS: infected - 23 skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe NSIS: infected - 10 skipped
C:\WINDOWS\Downloaded Program Files\turbo.inf Infected: not-a-virus:AdWare.Win32.BetterInternet.as skipped
C:\WINDOWS\SYSTEM32\windialup\2443[1]\windialup.exe Infected: not-a-virus:Porn-Dialer.Win32.RTSMini skipped

Scan process completed.
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 29th, 2006, 1:40 pm

Please download the Killbox by Option^Explicit

Note: In the event you already have Killbox, this is a new version that I need you to download.
Save it to your desktop.
Please double-click Killbox.exe to run it.
Select:
Delete on Reboot
then Click on the All Files button.
Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


C:\Documents and Settings\Administrator\My Documents\Data\all_files3.exe
C:\Documents and Settings\Administrator\My Documents\Data\all_files3b.exe
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3.exe
C:\Documents and Settings\Administrator\My Documents\Data\Data\all_files3b.exe
C:\Documents and Settings\Monica\My Documents\Data\all_files3.exe
C:\Documents and Settings\Monica\My Documents\Data\all_files3b.exe
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3.exe
C:\WINDOWS\Downloaded Program Files\turbo.inf
C:\WINDOWS\SYSTEM32\windialup\2443[1]\windialup.exe
C:\Documents and Settings\Default User\My Documents\Data\all_files3.exe
C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3.exe
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe
C:\Documents and Settings\Monica\My Documents\Data\Data\all_files3b.exe






Return to Killbox, go to the File menu, and choose Paste from Clipboard.

Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).


If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe.
Then try Killbox again.


Please post a new HJT log.

and 1 more time with a new Kaperskys log.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 29th, 2006, 6:51 pm

Looks like all of the bad files are in Kill box now.Here you go.KASPERSKY ON-LINE SCANNER REPORT
Saturday, April 29, 2006 6:45:26 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 30/04/2006
Kaspersky Anti-Virus database records: 190661


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 69027
Number of viruses found 18
Number of infected objects 213
Number of suspicious objects 0
Duration of the scan process 00:54:43

Infected Object Name Virus Name Last Action
C:\!KillBox\all_files3.exe/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe NSIS: infected - 23 skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 10)/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 10)/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 10)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 10)/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 10)/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 10)/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 10)/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 10)/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 10)/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe( 10)/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 10)/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 10)/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 10) NSIS: infected - 23 skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 3)/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 3)/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 3)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 3)/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 3)/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 3)/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 3)/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 3)/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 3)/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe( 3)/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 3)/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 3)/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 3) NSIS: infected - 23 skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 4)/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 4)/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 4)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 4)/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 4)/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 4)/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 4)/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 4)/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 4)/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe( 4)/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 4)/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 4)/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 4) NSIS: infected - 23 skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 6)/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 6)/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 6)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 6)/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 6)/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 6)/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 6)/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 6)/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 6)/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe( 6)/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 6)/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 6)/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 6) NSIS: infected - 23 skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Setup.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Files/3.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Files/5.exe Infected: not-a-virus:AdWare.Win32.IEDriver.b skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Files/IEDRIVER.EXE Infected: Trojan-Downloader.Win32.Turown.h skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Files/ieupdate.exe Infected: Trojan-Downloader.Win32.Turown.b skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip/Files/td.exe Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 8)/data0002/data299033.zip Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 8)/data0002 Infected: Trojan-Downloader.Win32.Turown.a skipped

C:\!KillBox\all_files3.exe( 8)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 8)/data0003/data0004 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 8)/data0003 Infected: not-a-virus:AdWare.Win32.Connector skipped

C:\!KillBox\all_files3.exe( 8)/data0004 Infected: Trojan-Downloader.Win32.Agent.ec skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.t skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.af skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0002.cab/Sync.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0002.cab/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 8)/data0005/data0002.cab Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 8)/data0005 Infected: not-a-virus:AdWare.Win32.SaveNow.v skipped

C:\!KillBox\all_files3.exe( 8)/data0006 Infected: not-a-virus:AdWare.Win32.EZula skipped

C:\!KillBox\all_files3.exe( 8)/data0007/data0120 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 8)/data0007 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 8)/data0008 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped

C:\!KillBox\all_files3.exe( 8) NSIS: infected - 23 skipped

C:\!KillBox\all_files3b.exe/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe NSIS: infected - 10 skipped

C:\!KillBox\all_files3b.exe( 1)/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe( 1)/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe( 1)/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 1)/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 1)/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 1)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 1)/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 1)/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 1)/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 1)/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 1) NSIS: infected - 10 skipped

C:\!KillBox\all_files3b.exe( 2)/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe( 2)/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe( 2)/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 2)/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 2)/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 2)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 2)/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 2)/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 2)/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 2)/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 2) NSIS: infected - 10 skipped

C:\!KillBox\all_files3b.exe( 5)/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe( 5)/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe( 5)/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 5)/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 5)/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 5)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 5)/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 5)/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 5)/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 5)/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 5) NSIS: infected - 10 skipped

C:\!KillBox\all_files3b.exe( 7)/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe( 7)/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe( 7)/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 7)/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 7)/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 7)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 7)/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 7)/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 7)/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 7)/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 7) NSIS: infected - 10 skipped

C:\!KillBox\all_files3b.exe( 9)/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions skipped

C:\!KillBox\all_files3b.exe( 9)/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval.b skipped

C:\!KillBox\all_files3b.exe( 9)/data0003/data0003/data0002 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 9)/data0003/data0003/data0005 Infected: Trojan-Downloader.Win32.Keenval skipped

C:\!KillBox\all_files3b.exe( 9)/data0003/data0003/data0006 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 9)/data0003/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 9)/data0003 Infected: not-a-virus:AdWare.Win32.Perfnav.d skipped

C:\!KillBox\all_files3b.exe( 9)/data0014/data0002 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 9)/data0014/data0003 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 9)/data0014 Infected: not-a-virus:AdWare.Win32.BargainBuddy.a skipped

C:\!KillBox\all_files3b.exe( 9) NSIS: infected - 10 skipped

C:\!KillBox\turbo.inf Infected: not-a-virus:AdWare.Win32.BetterInternet.as skipped

C:\!KillBox\windialup.exe Infected: not-a-virus:Porn-Dialer.Win32.RTSMini skipped

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP36\A0004985.exe Infected: not-a-virus:Porn-Dialer.Win32.RTSMini skipped

Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 6:50:44 PM, on 04/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoctrl.exe
C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Program Files\Copy of HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/clas ... r=1,1,0,30
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-36.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsup ... veData.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A758EEE-A254-4679-896E-D798B424421F}: NameServer = 68.94.156.1 68.94.157.1
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Documents and Settings\paul piccirillo\Desktop\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 29th, 2006, 8:26 pm

Go to C:/!killbox and delete that entire folder.



I have 1 optional fix for you to consider.
You have iTunesHelper.exe running at Startup. iTunesHelper.exe is a process belonging to Itunes MP3 streaming tool by Apple which allows you to play MP3's. This process speeds up iTunes when it starts, and the program also monitors for connected iPod devices. This program is not required to start automatically as you can start it manually if you need it. It is advised that you disable this program so that it does not take up necessary resources. It may be worthwhile to fix it with HijackThis. This is the item to fix in HijackThis:

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe




Great news ! Image

Your log now appears to be clean.

Lets do a few things to tidy up.
Please do these in the order I suggest!

UNDO SHOW ALL FILES
click on the My Computer icon.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Deselect in the checkbox labeled Display the contents of system folders.
Deselect the checkbox labeled Show hidden files and folders.
Select the checkmark from the checkbox labeled Hide file extensions for known file types.
Replace the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK .
Now many important files are safe.




Clean out the temporary files.
Please download System Security Suite
Mark the page under the "Items to Clean" tab like this. Run the program.

Click OK and then yes to perform these actions.







Please create a 'clean' System Restore Point:
The reason for doing this is in case you need system restore you don't put back all we just took out.
Right click My Computer
Then Propeties then system restore
Place a check mark by turn off system restore
Click APPLY
Windows will give you a warning click yes
REBOOT

Now go right back to the same place and unchecksystem restore
Click APPLYand OK

A few things to help with possible threats



Download SpywareBlaster

Install SpywareBlaster

SpywareBlaster will add a large list of programs and sites to your Internet Explorer settings that will protect you from accidentally running or downloading known malicious programs.
After the installation, click Download Latest Protection Updates. When it finishes, click Enable All Protection.




Download and keep these updated and run weekly

Adaware
Tutorial

spybot seach & destroy
Tutorial





You can read about alot safer surfing here



Keep windows updated
Or:
Right click my computer open properties, go to automatic updates and click on Automatic (recommended)

And it goes without saying do not open Email from someone you don't know.


How you may have become infected




Safe and Happy Surfing. :)
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » April 29th, 2006, 9:22 pm

Thank You very much.I followed your advice and shut down Itunes.One more question is there any way to shut AIM today without shutting down AIM.My kids use AIm so it has to stay.thanks again
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am

Unread postby Bob4 » April 30th, 2006, 6:30 am

I found this article on it. I have never tried it as I don't use AIM.

http://www.bigblueball.com/forums/aim-s ... -good.html

Turning off AIM Today for good
Have you had problems with the AIM Today window popping up when you sign-on, even though you've setup AIM to turn it off? BigBlueBall member zjam sent me this tip for turning off the AIM Today window for good!

Go to AIM Preferences, click Sign on/off and put a check in Show AIM.com window at sign on, hit Apply and OK then close AIM.
Reopen AIM, and click My AIM "in the top left corner of your buddy list" on that drop down menu click Select Useful Tools... "a Internet Explorer window should pop up" "may vary dependent on your browser settings" in that window click the link that says remove menu, then that window will close out.
Now go back into your AIM preferences and once again disable Show AIM.com windows at sign on.
Close AIM
Reopen AIM...and if your followed the 5 easy steps correctly it should now be gone for good...or at least till the next version of AIM
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby pcp3 » May 1st, 2006, 12:40 pm

Thanks once again! This site is great.
pcp3
Regular Member
 
Posts: 52
Joined: May 2nd, 2005, 8:05 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware