Logfile of HijackThis v1.99.1
Scan saved at 20:07:19, on 2006-05-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Patrick\Bureau\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www1.ca.dell.com/content/default ... l=FR&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMe ... loader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
kaspersky
Sunday, May 28, 2006 8:05:20 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 29/05/2006
Kaspersky Anti-Virus database records: 196901
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 39762
Number of viruses found 39
Number of infected objects 100
Number of suspicious objects 0
Duration of the scan process 00:26:23
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\UBIB292N\!update-3895[1].0000 Infected: Trojan-Downloader.Win32.PurityScan.co skipped
C:\Documents and Settings\Patrick\My Documents\Morpheus Shared\Downloads\remix.wma Infected: Trojan-Downloader.WMA.Wimad.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\000B0BFD.tmp Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Program Files\Norton AntiVirus\Quarantine\02453BA6.exe/data0001 Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\02453BA6.exe Inno: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02453BA6.exe CryptFF: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\024965A3.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\Program Files\Norton AntiVirus\Quarantine\024C0F9F.exe Infected: Trojan-Downloader.Win32.Adload.br skipped
C:\Program Files\Norton AntiVirus\Quarantine\024F399C.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\02526398.exe Infected: Trojan-Downloader.Win32.Adload.ai skipped
C:\Program Files\Norton AntiVirus\Quarantine\02526398.tmp Infected: not-a-virus:AdWare.Win32.SurfSide.j skipped
C:\Program Files\Norton AntiVirus\Quarantine\02560D94.exe/data0001 Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\02560D94.exe Inno: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02560D94.exe CryptFF: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02593791.exe Infected: Backdoor.Win32.VB.ary skipped
C:\Program Files\Norton AntiVirus\Quarantine\025C618D.exe Infected: Trojan-Downloader.Win32.TSUpdate.p skipped
C:\Program Files\Norton AntiVirus\Quarantine\025F0B8A.exe Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Program Files\Norton AntiVirus\Quarantine\02633586.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Norton AntiVirus\Quarantine\02665F82.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Norton AntiVirus\Quarantine\0269097F.exe Infected: Trojan-Clicker.Win32.VB.no skipped
C:\Program Files\Norton AntiVirus\Quarantine\026C337B.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.cab/azesearch4.ocx Infected: not-a-virus:AdWare.Win32.AzSearch.b skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.cab CAB: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.cab CryptFF: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe/WISE0009.BIN Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe/WISE0010.BIN Infected: Trojan-Downloader.Win32.TSUpdate.p skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe/WISE0011.BIN Infected: Trojan-Downloader.Win32.TSUpdate.l skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe/WISE0012.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe WiseSFX: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\02730774.exe CryptFF: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\0572387D.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\10454040.cla Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Program Files\Norton AntiVirus\Quarantine\104C1438.tmp Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Program Files\Norton AntiVirus\Quarantine\1D24709B.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Program Files\Norton AntiVirus\Quarantine\1FBF0F94.cla Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Program Files\Norton AntiVirus\Quarantine\291A22A2.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\2DBD47D4.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\Norton AntiVirus\Quarantine\2FE874A8.cla Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\2FE874A8.tmp Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton AntiVirus\Quarantine\34AB5EA0.exe Infected: Backdoor.Win32.VB.ary skipped
C:\Program Files\Norton AntiVirus\Quarantine\48727F2B.tmp Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton AntiVirus\Quarantine\4A816963.cla Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Program Files\Norton AntiVirus\Quarantine\4A816963.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\4A816963.zip ZIP: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\4A816963.zip CryptFF: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\4BCB569E.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Norton AntiVirus\Quarantine\5411327E.exe Infected: Trojan-Downloader.Win32.Small.on skipped
C:\Program Files\Norton AntiVirus\Quarantine\575C129C.exe Infected: Trojan-Clicker.Win32.VB.no skipped
C:\Program Files\Norton AntiVirus\Quarantine\5D272926.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\5D440899.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\Program Files\Norton AntiVirus\Quarantine\635244A2.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\6E7C0A99.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\Norton AntiVirus\Quarantine\6EE200A1.exe Infected: Trojan-Downloader.Win32.Adload.br skipped
C:\Program Files\Norton AntiVirus\Quarantine\6FD86F82.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Program Files\Norton AntiVirus\Quarantine\70114289.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\Program Files\Norton AntiVirus\Quarantine\71A35DF4.exe Infected: not-a-virus:AdWare.Win32.CashDeluxe.g skipped
C:\Program Files\Norton AntiVirus\Quarantine\79C01003.exe Infected: Trojan-Downloader.Win32.Adload.ai skipped
C:\Program Files\Norton AntiVirus\Quarantine\7A733CA0.exe Infected: Trojan-Downloader.Win32.TSUpdate.l skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe/InpB/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe/InpB/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe/InpB/Ssk3RepairInstall.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005849.exe CAB: infected - 5 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005850.exe Infected: Trojan-Downloader.Win32.Adload.br skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005851.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005852.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005853.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005854.exe Infected: Trojan-Downloader.Win32.Adload.ai skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005855.exe Infected: Backdoor.Win32.VB.ary skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005862.exe Infected: Trojan-Clicker.Win32.VB.no skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005878.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005880.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005881.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005882.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005889.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005897.exe Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005898.exe Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005899.exe Infected: not-virus:Hoax.Win32.Renos.cq skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005900.exe Infected: Trojan-Dropper.Win32.VB.mz skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005902.exe/data0006 Infected: Trojan-Dropper.Win32.VB.mz skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005902.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005903.exe RarSFX: infected - 5 skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005909.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP34\A0005910.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006083.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006084.dll Infected: not-a-virus:AdWare.Win32.SurfSide.at skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006085.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ao skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006087.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006111.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006112.exe Infected: Trojan-Downloader.Win32.PurityScan.cl skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006113.exe Infected: not-virus:Hoax.Win32.Renos.cm skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006114.dll Infected: not-virus:Hoax.Win32.Renos.ck skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006115.exe Infected: not-virus:Hoax.Win32.Renos.cl skipped
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP36\A0006149.exe Infected: Trojan-Downloader.Win32.PurityScan.co skipped
Scan process completed.
wow this is not easy but I made it