installed programs log
Adobe Acrobat 7.0 Professional
Adobe Flash Player ActiveX
AdwareAlert
aTube Catcher 1.0 rc2
AVG 7.5
CCleaner (remove only)
Collab
Diskeeper Professional Edition
DivX
DivX Player
EA SPORTS Rugby 06
EA SPORTS Rugby 2005
FL Studio 5
getPlus(R)_ocx
Google Toolbar for Internet Explorer
HijackThis 2.0.2
HP Extended Capabilities 6.1
HP Imaging Device Functions 6.1
HP Photosmart Essential
HP PSC & OfficeJet 6.1.A
HP Solution Center and Imaging Support Tools 6.1
HP Update
Intel(R) 536EP Modem
Macromedia Flash Player
Mega 200VWR
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Office Professional Edition 2003
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Nero Suite
NokiaFREE Unlock Codes Calculator
Online Armor 2.1
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
RegCure 1.3.0.2
SAMSUNG Mobile USB Modem 1.0 Software
Samsung PC Studio 2.0 PIM & File Manager
Samsung PC Studio PC Sync
Serials 2005
Shop for HP Supplies
SLD CODEC PACK 1.5.3
Sonic Foundry Sound Forge 6.0
Starware Horoscopes Toolbar
VIA Platform Device Manager
VIA/S3G Display Driver
WhenU WeatherCast
Windows Installer 3.1 (KB893803)
WinRAR archiver
XviD MPEG-4 Video Codec
mbam log
Malwarebytes' Anti-Malware 1.11
Database version: 707
Scan type: Full Scan (C:\|)
Objects scanned: 106980
Time elapsed: 1 hour(s), 12 minute(s), 27 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 17
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 75
Files Infected: 208
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{6743c36c-cbfe-11db-9705-005056c00008} (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{6743c36c-cbfe-11db-9705-005056c00008} (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\7c673a5b871b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7c673a5b871b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5b4016981c40d5f4b9925ed64ad7b526 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\70b07021d02a5e347a162b223ea41cd5 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\a30d1592adaa3d743884b8318328ad99 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\a491438a809f60f458df33e67c80a5d2 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\bf91bd5c23255be4c8550acdf0f2ee89 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\cb6591e4426ef2b49aee7437e1144918 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\e326614894984a1468ca53b7dfcf99a5 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f0598db56de5201439f9c2683914b53f (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware349 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\AdwareAlert\ (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\AdwareAlert\FilterDrv\ (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Documents and Settings\All Users\Start Menu\Programs\AdwareAlert\ (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\All Users\Start Menu\Programs\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\FilterDrv (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Settings (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbayKeyword (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbaySearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\Installer\{B881166F-B3C9-4F1D-B282-4273C52D6516}\Icon.exe (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\AdwareAlert\AdwareAlert on the Web.lnk (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\AdwareAlert\AdwareAlert.lnk (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\AdwareAlert.exe (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\AdwareAlert.url (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\DataBase.ref (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\Difxapi.dll (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\Launcher.exe (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\SpyCleaner.dll (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\TCL.dll (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\vistaCPtasks.xml (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\zlib.dll (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\FilterDrv\AdwareAlert.amd64.sys (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\FilterDrv\AdwareAlert.cat (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\FilterDrv\AdwareAlert.inf (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\AdwareAlert\FilterDrv\AdwareAlert.x86.sys (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\Starware349Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\Starware349Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware349\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\ebaykeyword.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\ebaykeyword.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\ebaysearch.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\ebaysearch.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware349\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\rs.dat (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 03_02_58 PM_859.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 03_22_46 PM_531.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 04_23_45 PM_796.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 04_24_10 PM_468.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 04_54_00 PM_765.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 06_09_43 PM_109.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 06_24_14 PM_234.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 07_06_27 AM_281.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 14 - 09_06_50 PM_828.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 15 - 06_17_21 PM_171.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 03_12_04 PM_734.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 05_13_48 AM_937.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 07_35_24 PM_531.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 07_52_11 AM_578.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 09_36_03 PM_375.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 16 - 12_01_19 PM_156.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 02_55_42 PM_281.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 04_03_44 PM_000.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 05_09_12 AM_390.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 07_51_02 AM_703.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 09_22_30 AM_218.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 17 - 09_44_00 AM_312.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 01_55_38 PM_656.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 05_14_50 AM_968.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 05_57_18 PM_140.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 06_27_03 PM_578.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 07_51_00 AM_718.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 10_35_35 PM_828.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 18 - 12_25_55 PM_796.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 19 - 09_02_32 AM_984.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 19 - 09_43_00 AM_765.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 20 - 07_39_58 PM_546.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 21 - 03_55_51 PM_750.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 21 - 05_09_10 PM_515.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 21 - 08_08_29 AM_890.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 21 - 08_21_29 AM_781.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 21 - 09_13_59 PM_265.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 02_43_52 PM_937.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 07_01_39 PM_750.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 07_37_54 PM_078.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 07_50_04 AM_734.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 08_40_23 PM_093.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 22 - 09_01_47 PM_671.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 02_03_27 PM_140.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 02_26_04 PM_437.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 02_51_27 PM_953.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 06_34_48 PM_500.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 08_53_21 PM_593.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 10_53_39 AM_453.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 11_17_04 AM_109.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 11_20_48 AM_875.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 23 - 11_47_47 AM_078.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 24 - 02_53_46 PM_250.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 24 - 03_06_56 PM_984.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 24 - 07_00_38 PM_734.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 24 - 07_39_13 AM_308.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 24 - 09_11_58 AM_890.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 01_59_34 PM_968.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 02_11_57 PM_921.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 04_27_23 AM_265.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 05_12_39 PM_093.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 05_49_15 AM_671.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 25 - 12_12_07 AM_093.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 26 - 08_36_48 AM_968.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 26 - 12_43_01 PM_281.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 27 - 02_11_59 PM_359.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 27 - 03_43_53 PM_890.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 28 - 07_17_09 PM_046.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 28 - 08_32_39 AM_234.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 28 - 12_28_45 PM_218.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 29 - 07_23_25 PM_609.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 29 - 07_31_48 PM_343.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 29 - 07_44_41 PM_609.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 29 - 08_52_33 PM_484.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 Apr 30 - 07_29_06 AM_437.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 May 01 - 08_36_49 AM_234.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 May 02 - 01_55_01 PM_531.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Log\2008 May 02 - 02_52_36 PM_984.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\AdwareAlert\Settings\ScanResults.pie (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbayKeyword\EbayKeywordOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbayKeyword\EbayKeywordOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbaySearch\EbaySearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\EbaySearch\EbaySearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\HoroscopesMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\HoroscopesMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\HoroscopesMarketingSitePager\images\active\HoroscopesMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Starware349\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\HoroscopesMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\HoroscopesMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\HoroscopesMarketingSitePager\images\active\HoroscopesMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Starware349\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
Eset scan log
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3071 (20080502)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=0470602d0753c74393a05c548fc18073
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-05-02 03:35:16
# local_time=2008-05-02 05:35:16 (+0200, South Africa Standard Time)
# country="South Africa"
# osver=5.1.2600 NT Service Pack 2
# scanned=224104
# found=7
# scan_time=3885
C:\Documents and Settings\user\Desktop\claytonsBackup\pics\john171w.zip Win32/HackTool.John.NAA trojan 9A4E33949AFCC054353D63023D34B235
C:\Documents and Settings\user\Desktop\claytonsBackup\pics\john171w.zip »ZIP »john1701/run/john-386.exe Win32/HackTool.John.NAA trojan 00000000000000000000000000000000
C:\Documents and Settings\user\My Documents\horoscopes.exe Win32/Adware.Comet application 1A0E162CE3165FDC48552BE792B17DC2
C:\Documents and Settings\user\My Documents\horoscopes.exe »NSIS »broker.exe Win32/Adware.Comet application 00000000000000000000000000000000
C:\Documents and Settings\user\My Documents\john171w.zip Win32/HackTool.John.NAA trojan 9A4E33949AFCC054353D63023D34B235
C:\Documents and Settings\user\My Documents\john171w.zip »ZIP »john1701/run/john-386.exe Win32/HackTool.John.NAA trojan 00000000000000000000000000000000
C:\Program Files\WeatherCast\Weather.exe probably a variant of Win32/Adware.Agent application 3EC4FFCD4E2B432D65B8299C758A1FF5
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:41:29 PM, on 2008/05/02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lexmark 7300 Series\ezprint.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WEATHE~1\Weather.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\user\Desktop\New Folder\MxitV3\MXit.exe
C:\Documents and Settings\user\Desktop\HJT\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://online.telkomsa.net/oem/index.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by TelkomInternet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [lxcimon.exe] "C:\Program Files\Lexmark 7300 Series\lxcimon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7300 Series\ezprint.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherCast] C:\PROGRA~1\WEATHE~1\Weather.exe /q
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF -
res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://online.telkomsa.net/oem/index.html
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
http://www.adobe.com/products/acrobat/nos/gp.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 7795 bytes