jl1718

Please help AZE toolbar is driving me crazy


Logfile of HijackThis v1.99.1

Scan saved at 6:11:04 PM, on 1/18/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\msiexec.exe

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

c:\progra~1\intern~1\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zcpmqpqnowdnaszhbxi.com/uCQ7dQ1...CAEM0dajag.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [builddent] C:\DOCUME~1\Teresa\APPLIC~1\Glueplan\Heck list.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


Please run HijackThis, and Scan

Check box on the following:

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zcpmqpqnowdnaszhbxi.com/uCQ7dQ1...CAEM0dajag.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

 

O4 - HKCU\..\Run: [builddent] C:\DOCUME~1\Teresa\APPLIC~1\Glueplan\Heck list.exe

 

Select: Fix Checked

 

Enable the viewing of Hidden Files and Folders as follows:

-At your Desktop, go to Start>My Computer

-Select the Tools menu and then Folder Options

-After the new window appears select the View tab

-Select: Display the contents of system folders

-Under the Hidden files and folders section select: Show hidden files and folders

-Remove the checkmark from Hide file extensions for known file types

-Remove the checkmark from Hide protected operating system files (Recommended)

-Press the Apply button

Click OK

 

Now, reboot to Safe Mode:

-Restart your computer

-When the machine first starts again, tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu

-Select the option for Safe Mode using the arrow keys

-Press Enter to boot into Safe Mode

 

Next, search for and, if found, delete the following folder (bold):

C:\Documents and Settings\Teresa\Application Data\Glueplan

 

Reboot to Normal mode.

 

Next, launch Notepad, (Start>Programs>Accessories>Notepad)

Copy/paste all the bold text below to it:

 

dir %Windir%\tasks /a h > files.txt

notepad files.txt

 

In Notepad, go to File (upper menu bar), and select: Save as

 

In the Save as prompt:

Save in: Desktop

File Name: findjobs.bat

Save as Type: All files

Click: Save

Exit out of Notepad.

 

Next, on the Desktop, double click on findjobs.bat

 

Please post the content of the text file in your reply.

 

Run a Panda online ActiveScan

http://www.pandasoftware.com/products/activescan.htm

 

On the top right go to: Free Use ActiveScan

Select: Free online virus scan

 

In the prompt that appears: Panda ActiveScan, select the green button: Check Now! At no cost.

 

Follow the prompts, provide the required info, select: Scan Now!

Allow the ActiveX download.

 

Select a device to scan: Local Disks

 

Next, select: See Report

Then select, Save Report and save to a location where you can find the report.

 

Finally, provide the following in your reply:

The results of the Panda ActiveScan

The contents of the text file produced by Findjobs.bat

A new HijackThis log

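A triage pass over the kinds of HijackThis entries selected for fixing in the reply above, as an added example that is not part of the original thread. The sample lines are copied from the first log on this page; the two heuristics (a long host label with few vowels, an autostart path under a user's Application Data folder) are assumptions chosen for illustration and are not HijackThis's own logic.

```python
import re
from urllib.parse import urlparse

# Lines copied from the first HijackThis log in this thread (the "..." in the
# URL is elided on the page and is kept as-is).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zcpmqpqnowdnaszhbxi.com/uCQ7dQ1...CAEM0dajag.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [builddent] C:\DOCUME~1\Teresa\APPLIC~1\Glueplan\Heck list.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")

# Body of an O4 registry autostart entry: hive\..\Run: [value name] command
RUN_RE = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)

# A path below a user profile's Application Data folder, long or 8.3 form.
PROFILE_APPDATA_RE = re.compile(
    r"\\(documents and settings|docume~\d)\\[^\\]+\\(application data|applic~\d)\\",
    re.IGNORECASE,
)


def looks_generated(host):
    """Crude heuristic (assumption): a long host label with very few vowels."""
    for label in host.lower().split("."):
        letters = [c for c in label if c.isalpha()]
        if len(letters) >= 12:
            vowels = sum(c in "aeiou" for c in letters)
            if vowels / len(letters) < 0.25:
                return True
    return False


def triage(log_text):
    """Return (code, reason, line) for each entry worth a closer look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, process list or blank line
        code, body = match.group("code"), match.group("body")
        reason = None
        if code in ("R0", "R1"):
            # Body is "key,value name = data"; the data may be empty.
            _, _, data = body.partition("=")
            data = data.strip()
            if not data:
                reason = "browser setting is blank"
            elif looks_generated(urlparse(data).hostname or ""):
                reason = "browser setting points at a random-looking host"
        elif code == "O4":
            run = RUN_RE.match(body)
            if run and PROFILE_APPDATA_RE.search(run.group("cmd")):
                reason = "autostart runs a program from a user's Application Data folder"
        if reason:
            findings.append((code, reason, line))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"[{code}] {reason}\n    {line}")
```
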

Volume in drive C is WINXP

Volume Serial Number is 3F77-60B5

 

Directory of C:\WINDOWS\tasks

 

09/28/2003 10:44 PM <DIR> .

09/28/2003 10:44 PM <DIR> ..

08/18/2001 07:00 AM 65 desktop.ini

01/19/2006 03:45 PM 6 SA.DAT

01/19/2006 06:15 AM 640 WiRNS Scheduled Import.job

01/15/2006 06:15 AM 622 WiRNS Full Import Task.job

01/13/2006 08:00 PM 530 Norton AntiVirus - Scan my computer - Jerry.job

01/19/2006 03:00 PM 262 A0A2BAF691B931F2.job

6 File(s) 2,125 bytes

 

Directory of C:\Documents and Settings\Teresa\Desktop

 

Incident Status Location


Logfile of HijackThis v1.99.1

Scan saved at 4:31:05 PM, on 1/19/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\System32\cmd.exe

C:\WINDOWS\notepad.exe

C:\WINDOWS\notepad.exe

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pldhlyadqtlaclfzhiccngt.info/uC...CAEM0dajag.html

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\RunOnce: [Panda_cleaner_224707] C:\WINDOWS\System32\ActiveScan\pavdr.exe 224707

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


Incident Status Location

 

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\uwdf.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\keystone.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\mdm.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\nvappbar.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\nvcolor.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\nvdspsch.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\nwiz.exe

Adware:adware/azesearch Not disinfected C:\WINDOWS\system32\azebar.xml

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\CTSVCCTL.EXE

Adware:Adware/RiverSoft Not disinfected C:\WINDOWS\system32\zilla.dll

Virus:Trj/Downloader.EDC Disinfected C:\WINDOWS\system32\m101-ss.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\java.exe

Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\system32\xmltok.dll

Spyware:Spyware/LZIO-Media Not disinfected C:\WINDOWS\system32\aud-acx11.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\javaw.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\javaws.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\mssysapps\webrebates_installas.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\mssysapps\dealhelper.exe

Spyware:spyware/whazit Not disinfected C:\WINDOWS\system32\fiz1

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\nvudisp.exe

Virus:Trj/Downloader.EDC Disinfected C:\WINDOWS\system32\m101-d.exe

Spyware:Spyware/Omi Not disinfected C:\WINDOWS\system32\MSHPEB.DLL

Spyware:Spyware/ClientMan Not disinfected C:\WINDOWS\system32\msdipo.dll

Spyware:Spyware/Omi Not disinfected C:\WINDOWS\system32\msfdje.gif

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\Macromed\Shockwave 10\Download.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\CTHELPER.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\KILLAPPS.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\system32\REGPLIB.EXE

Adware:adware/virtualbouncer Not disinfected C:\WINDOWS\system32\INNERADINSTALL.LOG

Adware:Adware/nCase Not disinfected C:\WINDOWS\system32\SplWbr.dll

Adware:Adware/IPInsight Not disinfected C:\WINDOWS\inf\conscorr.inf

Adware:Adware/IPInsight Not disinfected C:\WINDOWS\inf\alchem.inf

Virus:W32/Parite.B Disinfected C:\WINDOWS\twain_32\CNQL20\CANOIT32.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\iun6002ev.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\F ma.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\ST6UNST.EXE

Adware:adware/portalscan Not disinfected C:\WINDOWS\bundles\bs5-cvuacy.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\runsvc32.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\CDILLA64.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\IsUninst.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.2\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.3\installer_VENDARE3.exe

Adware:adware/savenow Not disinfected C:\WINDOWS\Downloaded Program Files\WUInst.inf

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.4\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.5\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.6\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.7\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.8\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.9\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.10\installer_VENDARE3.exe

Adware:Adware/NetPals Not disinfected C:\WINDOWS\Downloaded Program Files\ATPartners.inf

Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\Downloaded Program Files\SAHUninstall_.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.11\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.12\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.13\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.14\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.15\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.16\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.17\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.18\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.19\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.20\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.21\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.22\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.23\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.24\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.25\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.26\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.27\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.28\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.29\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.30\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.31\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.32\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.33\installer_VENDARE3.exe


C:\WINDOWS\Downloaded Program Files\CONFLICT.34\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.35\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.36\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.37\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.38\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.39\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.40\installer_VENDARE3.exe

Adware:Adware/Exact.SearchBar Not disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.41\installer_VENDARE3.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Downloaded Program Files\qshsetup.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{A3F60446-48FB-48A8-B5FC-BB3430AEF806}\Icon.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{A3F60446-48FB-48A8-B5FC-BB3430AEF806}\_8BC0A7C913FD_4112_87DA_AE60B3355013.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}\ARPPRODUCTICON.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}\NewShortcut3_4BDFD2CE632942E498019B3D1F10D79B.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}\NewShortcut2_4BDFD2CE632942E498019B3D1F10D79B.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\ARPPRODUCTICON.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\NewShortcut3_35AFD495EC2E4B2BB9DB30EEBC74049D.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\NewShortcut6_35AFD495EC2E4B2BB9DB30EEBC74049D.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\SoftwareDistribution\Download\94076d2dfaa176bbb2083a92af29814c\spuninst.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\SoftwareDistribution\Download\94076d2dfaa176bbb2083a92af29814c\update\update.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Ctregrun.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\MIDIDEF.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\Downloaded Installations\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\iTunesSetup.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\Downloaded Installations\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\WINDOWS\PSCONV.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\READREG.EXE

Virus:W32/Parite.B Disinfected C:\WINDOWS\Updreg.EXE

Spyware:spyware/media-motor Not disinfected C:\WINDOWS\ubber60.ini

Virus:W32/Parite.B Disinfected C:\Documents and Settings\All Users\Application Data\MCA2BA.tmp\McAppIns.exe

Adware:Adware/Lop Not disinfected C:\Documents and Settings\All Users\Application Data\Mags slow license nurb\Dale Drive.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\kaa1.tmp

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe


Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX03.422\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX13.0844\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Potentially unwanted tool:Application/Zango Not disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\backups\backup-20060108-160515-925.dll

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\OverDisk0.11b.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\File.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\ventrilo_2[1].1.0.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\RegSeeker\RegSeeker.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

Adware:Adware/AzeSearch Not disinfected C:\Documents and Settings\Jerry\My Documents\hjk\backups\backup-20060118-150836-759.inf

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX19.9625\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Local Settings\Temp\Rar$EX27.5063\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Potentially unwanted tool:Application/Zango Not disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\backups\backup-20060108-160515-925.dll

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\OverDisk0.11b.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\File.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\My eBooks\ventrilo_2[1].1.0.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\RegSeeker\RegSeeker.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

Adware:Adware/AzeSearch Not disinfected C:\Documents and Settings\Jerry\My Documents\hjk\backups\backup-20060118-150836-759.inf

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\eula\AdskLicense.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\msi\instmsi.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\msi\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\adlm.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Data\Win95\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Data\WinNt\ad_elmd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\netsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\adskflex.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmgrd.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmtools.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\lmutil.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2-001-win.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\jre1_2_2_007-win-i.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\AdLM\SAMreport-Lite\SAMreport.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\IPX\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\ddesrv32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winadmin.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\wincntrl.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winquery.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsmax\Netsetup\Support\TCP\winrpt32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\directx81\dxsetup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\IE6\ie6setup.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\manuals\Reactor_Reference_and_Tutorials.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\Qtime\QuickTimeInstaller.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd1\turbosquid\TurboSquid-1_63a-SF11.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\cs-keygen.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\3dsMax 5.0.0 keygen-VoX\hv-Max5-kg.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\Adobe_Acrobat\ar405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\My Documents\3DMAX\3dMax5\3dmxd2\Adobe_Acrobat\rs405eng.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Desktop\NR2003.exe

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Jerry\Desktop\wrar351.exe

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jerry\Cookies\jerry@888[2].txt

Spyware:Cookie/go Not disinfected C:\Documents and Settings\Jerry\Cookies\jerry@go[1].txt

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Jerry\Cookies\jerry@ad.yieldmanager[2].txt

Virus:W32/Parite.B Disinfected C:\Documents and Settings\Teresa\Local Settings\Temp\quj2.tmp

Adware:adware/ieplugin Not disinfected C:\Documents and Settings\Teresa\Desktop\Desktop Toolbar

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@tribalfusion[1].txt

Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@z1.adserver[1].txt

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@doubleclick[1].txt


Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@advertising[1].txt

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@atdmt[2].txt

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@as1.falkag[2].txt

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@hitbox[1].txt

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@belnk[1].txt

Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@revenue[2].txt

Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@linksynergy[1].txt

Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@searchportal.information[2].txt

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@dist.belnk[2].txt

Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@mediaplex[1].txt

Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@apmebf[2].txt

Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@qksrv[2].txt

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@zedo[1].txt

Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@bfast[2].txt

Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@data.coremetrics[1].txt

Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@fastclick[2].txt

Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@media.fastclick[1].txt

Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@2o7[1].txt

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@ad.yieldmanager[1].txt

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Teresa\Cookies\teresa@perf.overture[1].txt

Adware:adware/tvmedia Not disinfected C:\Documents and Settings\Teresa\Application Data\tvmcwrd.dll

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\knlwrap.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Adobe\ESD\uninst.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Adobe\Workflow\AdobeWorkgroupHelper.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\Update_OB\realsched.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Real\GToolbar\GDSSetup.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_05.b05\patchjre.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_05.b05\zipper.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_05.b05\launcher.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Logitech\LGS460Inst\Profiler\9x\LWTest.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Logitech\LGS460Inst\Profiler\LWEMon.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Common Files\Logitech\LGS460Inst\Setup2.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Messenger\msmsgs.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WinRAR\Rar.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WinRAR\Uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WinRAR\UnRAR.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WinRAR\RarExtLoader.exe

Adware:Adware/Exact.Funcade Not disinfected C:\Program Files\Funcade\funcade.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Windows Media Player\wmlaunch.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Windows Media Player\migrate.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Windows Media Player\wmpenc.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Windows Media Player\wmsetsdk.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WON\wonplay.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WON\WONplay\pachisi\pachisi.exe

Virus:W32/Parite.B Disinfected C:\Program Files\WON\WONplay\wonun.exe

Virus:W32/Parite.B Disinfected C:\Program Files\AIM\aim.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Notepad++\notepad++.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Notepad++\nppIExplorerShell.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Notepad++\uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\PCPitstop\AV\Uninst.exe

Virus:W32/Parite.B Disinfected C:\Program Files\photoshop\Photoshop\_ISDel.exe

Virus:W32/Parite.B Disinfected C:\Program Files\photoshop\Photoshop\enu\en_US\_ISDel.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Logitech\Profiler\LWEMon.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Yahoo!\Messenger\yupdater.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig705\ENU\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PsaProxy.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\AdobeUpdateManager.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\Photoshop Album Starter Edition.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\ComponentLauncher.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\locales\en_us\ADB2.EXE

Virus:W32/Parite.B Disinfected C:\Program Files\Adobe\Photoshop Elements 2\PhotoshopElements.exe

Virus:W32/Parite.B Disinfected C:\Program Files\OverDisk\OverDisk.exe


Virus:W32/Parite.B Disinfected C:\Program Files\OverDisk\uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\CleanUp!\Cleanup.exe

Virus:W32/Parite.B Disinfected C:\Program Files\CleanUp!\uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MuVo Drivers\uninstaller.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\Shared Files\Media Sniffer\StartMS.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\Shared Files\CDASvc.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\Shared Files\Music Analyzer\CTMetAcq.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\Shared Files\CTRegSvr.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MediaSource\CTCMS.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MediaSource\Wizard\AudioCvt\AudioCvt.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MediaSource\Wizard\Import\CTImport.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MediaSource\Wizard\ImportPlaylist\CTEPLImp.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\AudioHQ\Ahqrun.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\AudioHQ\AHQTbU.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\AudioHQ\AudioHQU.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\SurMix2\SurMix2.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\Program\RDefault.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\Program\CTZAPXX.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\Program\ADGJDet.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Creative\SBLive\Diagnostics\CTCplFW.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\GameData\Locations\MidOhio_GP_for_rFactor.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\GameData\Locations\Uninstal.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\Support\HostingTest.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\Support\StatSend.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\Uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\F3v1.0.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\unins000.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\rF Config.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\UninstallPCC2005.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rFactor\RF_AeroWar88_Setup_01-13-06.exe

Virus:W32/Parite.B Disinfected C:\Program Files\XoftSpy\XoftSpy.exe

Virus:W32/Parite.B Disinfected C:\Program Files\XoftSpy\uninstall.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\Diskeeper Lite Setup\instmsia.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\Diskeeper Lite Setup\instmsiw.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\DiskeeperLite\Connect.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\DiskeeperLite\Icon.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\DiskeeperLite\ShowHtml.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\DiskeeperLite\DKService.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Executive Software\DiskeeperLite\DkIcon.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Lavasoft\Ad-Aware SE Personal\UNWISE.EXE

Virus:W32/Parite.B Disinfected C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Lavasoft\Ad-Aware SE Personal\unregaaw.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Microsoft Script Debugger\msscrdbg.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Activision\Call of Duty 2 Demo\CoD2SP_s.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Activision\Call of Duty 2\CoD2SP_s.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Real\RealPlayer\realplay.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Real\RealPlayer\realjbox.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Real\RealPlayer\rphelperapp.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Real\RealPlayer\fixrjb.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickGamma\unins000.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickGamma\QuickGamma.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickGamma\QuickGammaLoader.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Teamspeak2_RC2\unins000.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Teamspeak2_RC2\server_windows.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Teamspeak2_RC2\unins001.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Teamspeak2_RC2\client_sdk\tsControl.exe

Virus:W32/Parite.B Disinfected C:\Program Files\iTunes\iTunes.exe

Virus:W32/Parite.B Disinfected C:\Program Files\iTunes\iTunesHelper.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\java.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\javacpl.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\javaws.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\keytool.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\kinit.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\klist.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\ktab.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\orbd.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\pack200.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\policytool.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\rmid.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\rmiregistry.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\servertool.exe


Virus:W32/Parite.B Disinfected C:\Program Files\Java\jre1.5.0_05\bin\tnameserv.exe

Virus:W32/Parite.B Disinfected C:\Program Files\iPod\bin\iPodService.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\QTSystem\QTPluginInstaller.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\QTInfo.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\QuickTimePlayer.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\PictureViewer.exe

Virus:W32/Parite.B Disinfected C:\Program Files\QuickTime\qttask.exe

Virus:W32/Parite.B Disinfected C:\Program Files\rsClient\ventrilo_2[1].1.0.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Spybot - Search & Destroy\blindman.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Spybot - Search & Destroy\Update.exe

Virus:W32/Parite.B Disinfected C:\Program Files\Spybot - Search & Destroy\unins000.exe

Virus:W32/Parite.B Disinfected C:\Program Files\CCleaner\uninst.exe

Virus:W32/Parite.B Disinfected C:\Program Files\MsnMusic\4226251\MsnMusic.exe

Virus:W32/Parite.B Disinfected C:\Program Files\ewido anti-malware\Uninstall.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\serversvc.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\server.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\monitor.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\managersvc.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\manager.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\backburner2\backburnercfg.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\maxzip.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\maxunzip.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\adlmswitch.exe

Virus:W32/Parite.B Disinfected C:\3dsmax5\PMAN32.EXE

Virus:W32/Parite.B Disinfected C:\3dsmax5\MaxFind.exe

Virus:W32/Parite.B Disinfected C:\GTLDemo\Support\unins000.exe

Virus:W32/Parite.B Disinfected C:\GTLDemo\GTLConfig.exe

Virus:W32/Parite.B Disinfected C:\GTLDemo\sfp.exe

Virus:W32/Parite.B Disinfected C:\C_DILLA\setup\cdremove.exe

Adware:Adware/MyDailyHoroscope Not disinfected C:\hjk\backups\backup-20041028-161000-479.inf

Adware:Adware/Exact.BargainBuddy Not disinfected C:\hjk\backups\backup-20050216-192835-534

Virus:W32/Parite.B Disinfected C:\hjk\HijackThis.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\oggenc.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\SierraUp.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\series\1024_owr_v1.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\tracks\claw\MakeDat.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\server.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\config.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\validate.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\Papy3\ventrilo_2[1].1.0.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\nascar racing 2003 season\config.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\nascar racing 2003 season\oggenc.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\nascar racing 2003 season\server.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\nascar racing 2003 season\SierraUp.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\nascar racing 2003 season\validate.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\series\1024_owr_v1.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\tracks\claw\MakeDat.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\nr2003_update_en_1000_1201.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\oggenc.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\SierraUp.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\NR2003.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\server.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\config.exe

Virus:W32/Parite.B Disinfected C:\Papyrus\2nascar racing 2003 season\validate.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\serversvc.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\server.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\monitor.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\managersvc.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\manager.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\backburner2\backburnercfg.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\swl\CdSet32.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\swl\CdRemove.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\maxzip.exe

Virus:W32/Parite.B Disinfected C:\Recycled\Dc1\maxunzip.exe

 

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\6.66\IDE\WinXP\sataraid\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\6.66\IDE\WinXP\sata_ide\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\6.66\SMBus\nvusmb.exe


Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\AudioDrv\nvuaudio.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\AudioDrv\nvumpu.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\Ethernet\NAM\NAMSetup.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\Ethernet\nvunrm.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\pataraid\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\raidtool\NvRaidMan.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\raidtool\nvraidservice.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\raidtool\NvSataConnection.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\sataraid\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\Win2K\sata_ide\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\pataraid\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\raidtool\NvRaidMan.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\raidtool\nvraidservice.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\raidtool\NvSataConnection.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\sataraid\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\IDE\WinXP\sata_ide\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.13\SMBus\nvusmb.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\AudioDrv\nvuaudio.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\AudioDrv\nvumpu.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\Ethernet\nvunrm.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\Ethernet\NAM\NAMSetup.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\SMBus\nvusmb.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\Win2K\legacy\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\Win2K\sata_ide\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\Win2K\raidtool\NvRaidMan.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\Win2K\raidtool\nvraidservice.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\Win2K\raidtool\NvSataConnection.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\WinXP\legacy\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\WinXP\sata_ide\nvuide.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\WinXP\raidtool\NvRaidMan.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\WinXP\raidtool\nvraidservice.exe

Virus:W32/Parite.B Disinfected C:\NVIDIA\nForceWin2KXP\7.15\IDE\WinXP\raidtool\NvSataConnection.exe

Virus:W32/Parite.B Disinfected C:\Downloads\WinZumaSetup.exe

Virus:W32/Parite.B Disinfected C:\CanoScan\CNQL20\CNQSG70\CANOIT32.EXE

Virus:W32/Parite.B Disinfected C:\CanoScan\CNQL30\CNQSG70\CANOIT32.EXE

 

 

 

Sorry for all the replies I hope I did that right.

Jerry


Please launch Notepad once again, (Start>Programs>Accessories>Notepad)

Copy/paste all the bold text below to it:

 

%systemdrive%

cd C:\WINDOWS\Tasks

attrib -r -s -h A0A2BAF691B931F2.job

del A0A2BAF691B931F2.job

 

In the Save as prompt:

Save in: Desktop

File Name: remjobs.bat

Save as Type: All files

Click: Save

Exit out of Notepad.

 

On the Desktop, double click remjobs.bat

A DOS window opens and closes again. This is normal.

 

Run HijackThis, Scan

Check box for:

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pldhlyadqtlaclfzhiccngt.info/uC...CAEM0dajag.html

 

Select: Fix Checked

 

Now, go back to the Desktop again, and double click on findjobs.bat, which is the previous batch file you first used to identify the contents of C:\WINDOWS\tasks. Please post the content of the text file of findjobs.bat in your reply to see if it is clean.

 

Also, go to Start > Run

Copy and paste the following in the Open box:

regedit /e C:\Services.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"

Click OK

Then, find C:\Services.txt and provide its information in your reply.

 

Next, download CleanUp40.exe to the Desktop: (about 3/4 down the page: Primary download site (setup program): CleanUp40.exe)

http://www.stevengould.org/software/cleanup/download.html

 

Double-click the Cleanup! icon to run the program

Click: Options (right side)

In the Quick SetUp area, move the arrow to: Custom CleanUp!

Only check the following:

Empty Recycle Bin

Delete Prefetch Files

Scan Local Drives for Temporary files

Cleanup! All Users

Click: OK

Click the CleanUp button and let the program run.

Close the program when done.

 

Restart the computer.

 

Download SpySweeper 4.5 Free Trial (bottom of page):

http://www.webroot.com/uk/products/spysweeper_latestv/

 

Follow the prompts and do a Typical installation

Click: Install, make sure Run SpySweeper Now is checked, and click Finish.

 

Update the program definitions

 

Then click on Options > Sweep Options

Check: Sweep all Folders on Selected drives

Check: Local Disc C

Under: What to Sweep, check every box.

 

Now, select: Sweep

It will take a while to scan the computer.

 

When the scan is done, remove whatever it finds.

Then, press the Results button

Select the Session Log tab

Select: Save to File so you can provide the results in your response.

Exit SpySweeper

 

Looks as if you already have Ewido. It recently changed to Ewido Anti-Malware.

If you need to install it, press: Download Now

http://www.ewido.net/en/download/

 

In the folder where EWIDO is located, double click the EWIDO Setup file

Follow the prompts and reboot when done.

When the prompt with Additional Options appears, uncheck:

Install background guard

Install scan via context menu

 

Now, double click the ‘e’ on the Desktop, or, go to Start>All Programs>EWIDO

When the program starts, do an online update for the latest signature files

 

Run EWIDO.

Next, click on: Complete System Scan

 

The scan may find malware entries and request action to clean up. Agree.

However, if EWIDO finds something that you know is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), do not check: Perform action with all infections. If you are unsure of an entry, select None as the action for the time being.

 

Once the scan has completed, click: Save Report

Save the report to the EWIDO folder

 

When EWIDO is done, reboot.

 

Run HijackThis once again, and Scan.

 

Got a load for you! Need the following info:

A new HijackThis log

Another copy of findjobs.bat,

The info for C:\Services.txt (May be lengthy.)

The SpySweeper log

The Ewido report

 

 

Is the AZE toolbar still showing up?


Logfile of HijackThis v1.99.1

Scan saved at 2:56:02 PM, on 1/20/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\WINDOWS\system32\winlogon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

 

 

Volume in drive C is WINXP

Volume Serial Number is 3F77-60B5

 

Directory of C:\WINDOWS\tasks

 

09/28/2003 10:44 PM <DIR> .

09/28/2003 10:44 PM <DIR> ..

08/18/2001 07:00 AM 65 desktop.ini

01/19/2006 03:45 PM 6 SA.DAT

01/20/2006 06:15 AM 640 WiRNS Scheduled Import.job

01/15/2006 06:15 AM 622 WiRNS Full Import Task.job

01/13/2006 08:00 PM 530 Norton AntiVirus - Scan my computer - Jerry.job

5 File(s) 1,863 bytes

 

Directory of C:\Documents and Settings\Teresa\Desktop

 

More to follow. Yes, the toolbar is gone. Thanks

 

Jerry


Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

 

....Edited for brevity...

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccEvtMgr]

"Type"=dword:00000010

"Start"=dword:00000002

"ErrorControl"=dword:00000000

"DisplayName"="Symantec Event Manager"

"Group"="Symantec Services"

"DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,63,00,63,00,53,00,\

65,00,74,00,4d,00,67,00,72,00,00,00,00,00

"DependOnGroup"=hex(7):00,00

"ObjectName"="LocalSystem"

"Description"="Symantec Event Manager"

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccPwdSvc]

"Type"=dword:00000010

"Start"=dword:00000003

"ErrorControl"=dword:00000000

"DisplayName"="Symantec Password Validation"

"ObjectName"="LocalSystem"

"Description"="Symantec Password Validation Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccSetMgr]

"Type"=dword:00000010

"Start"=dword:00000002

"ErrorControl"=dword:00000000

"DisplayName"="Symantec Settings Manager"

"Group"="Symantec Services"

"DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,00,00

"DependOnGroup"=hex(7):00,00

"ObjectName"="LocalSystem"

"Description"="Symantec Settings Manager"

Edited by FZWG


********

3:56 PM: | Start of Session, Friday, January 20, 2006 |

3:56 PM: Spy Sweeper started

3:56 PM: Sweep initiated using definitions version 604

3:56 PM: Starting Memory Sweep

3:58 PM: Memory Sweep Complete, Elapsed Time: 00:01:40

3:58 PM: Starting Registry Sweep

3:58 PM: Found Adware: commonname

3:58 PM: HKCR\clsid\{63c0e8d2-9b7d-4246-ae38-6964c3301351}\ (26 subtraces) (ID = 106794)

3:58 PM: Found Trojan Horse: daemonize

3:58 PM: HKLM\software\microsoft\mrdodf\ (1 subtraces) (ID = 124547)

3:58 PM: Found Adware: hotbar

3:58 PM: HKLM\software\classes\spamblockerconfig.application\ (3 subtraces) (ID = 127536)

3:58 PM: HKCR\spamblockerconfig.application\ (3 subtraces) (ID = 127634)

3:58 PM: Found Trojan Horse: jeem

3:58 PM: HKLM\software\microsoft\windows\currentversion\welcome\ || cv093 (ID = 129327)

3:58 PM: HKLM\software\microsoft\windows\currentversion\welcome\ || idc3 (ID = 129328)

3:58 PM: Found Adware: odysseus marketing

3:58 PM: HKCR\appid\actsetup.dll\ (1 subtraces) (ID = 136317)

3:58 PM: HKLM\software\classes\appid\actsetup.dll\ (1 subtraces) (ID = 136323)

3:58 PM: Found Adware: orbit explorer

3:58 PM: HKCR\oesearch.oesearchhook\ (5 subtraces) (ID = 136468)

3:58 PM: HKCR\update.redirector\ (5 subtraces) (ID = 136472)

3:58 PM: HKCR\interface\{030a8576-686b-479a-af79-94b9fea79bc5}\ (8 subtraces) (ID = 136477)

3:58 PM: HKCR\interface\{1d22a25e-b181-4aee-88ff-2209f7c24fcb}\ (8 subtraces) (ID = 136478)

3:58 PM: HKLM\software\classes\oesearch.oesearchhook\ (5 subtraces) (ID = 136487)

3:58 PM: HKLM\software\classes\update.redirector\ (5 subtraces) (ID = 136490)

3:58 PM: HKLM\software\classes\interface\{030a8576-686b-479a-af79-94b9fea79bc5}\ (8 subtraces) (ID = 136495)

3:58 PM: HKLM\software\classes\interface\{1d22a25e-b181-4aee-88ff-2209f7c24fcb}\ (8 subtraces) (ID = 136496)

3:58 PM: Found Adware: websearch toolbar

3:58 PM: HKLM\system\currentcontrolset\enum\root\legacy_wintoolssvc\ (7 subtraces) (ID = 146518)

3:58 PM: Found Adware: whistle

3:58 PM: HKLM\software\whistlesoftware\ (8 subtraces) (ID = 146655)

3:58 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/hbinstie.dll\ (2 subtraces) (ID = 484423)

3:58 PM: Found Adware: interads

3:58 PM: HKLM\software\interads\ (33598 subtraces) (ID = 645794)

3:58 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\hbinstie.dll (ID = 655022)

3:58 PM: Found Adware: clientman

3:58 PM: HKCR\appid\urlcli.dll\ (1 subtraces) (ID = 701476)

3:58 PM: HKLM\software\classes\appid\urlcli.dll\ (1 subtraces) (ID = 701492)

3:58 PM: Found Adware: winad

3:58 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediagatewayx.dll\ (2 subtraces) (ID = 763026)

3:58 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\mediagatewayx.dll (ID = 763028)

3:58 PM: Found Adware: mediamotor - popuppers

3:58 PM: HKCR\iemonitor.cbrowsers\ (3 subtraces) (ID = 960700)

3:58 PM: HKCR\iemonitor.ieevents\ (3 subtraces) (ID = 960704)

3:58 PM: HKCR\clsid\{62fba4e7-bd9e-4d8d-8fbb-3c32999cb7fc}\ (23 subtraces) (ID = 960709)

3:58 PM: HKCR\clsid\{a03323d3-f649-4f16-a6e4-4fc53f917a83}\ (10 subtraces) (ID = 960733)

3:58 PM: HKCR\typelib\{1942bebe-dce5-4148-868e-1250a2218b4c}\ (9 subtraces) (ID = 960748)

3:58 PM: HKLM\software\classes\iemonitor.cbrowsers\ (3 subtraces) (ID = 960762)

3:58 PM: HKLM\software\classes\iemonitor.ieevents\ (3 subtraces) (ID = 960766)

3:58 PM: HKLM\software\classes\clsid\{62fba4e7-bd9e-4d8d-8fbb-3c32999cb7fc}\ (23 subtraces) (ID = 960771)

3:58 PM: HKLM\software\classes\clsid\{a03323d3-f649-4f16-a6e4-4fc53f917a83}\ (10 subtraces) (ID = 960795)

3:58 PM: HKLM\software\classes\typelib\{1942bebe-dce5-4148-868e-1250a2218b4c}\ (9 subtraces) (ID = 960810)

3:58 PM: HKCR\spamblockerconfig.application.1\ (3 subtraces) (ID = 968312)

3:58 PM: HKLM\software\classes\spamblockerconfig.application.1\ (3 subtraces) (ID = 968867)

3:58 PM: HKLM\software\spamblockerutility\ (7 subtraces) (ID = 978182)

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe14} (ID = 127575)

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\microsoft\installer\features\10b0642b36134f8f914ea8e11ee5b503\ (1 subtraces) (ID = 788006)

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\microsoft\installer\products\d493500bd4a54ea6bc805fc9cda952c5\ (2 subtraces) (ID = 788008)

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\spamblockerutility\ (180 subtraces) (ID = 968537)

3:58 PM: Found Adware: showbehind

3:58 PM: HKU\S-1-5-21-1844237615-688789844-682003330-1005\software\showbehind\ (1 subtraces) (ID = 980567)

3:58 PM: HKU\WRSS_Profile_S-1-5-21-1844237615-688789844-682003330-1004\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe14} (ID = 127575)

3:58 PM: HKU\WRSS_Profile_S-1-5-21-1844237615-688789844-682003330-1004\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)

3:58 PM: HKU\WRSS_Profile_S-1-5-21-1844237615-688789844-682003330-1004\software\showbehind\ (1 subtraces) (ID = 980567)

3:58 PM: Registry Sweep Complete, Elapsed Time:00:00:15

3:58 PM: Starting Cookie Sweep

3:58 PM: Found Spy Cookie: search200 cookie

3:58 PM: teresa@search200[1].txt (ID = 3309)

3:58 PM: Found Spy Cookie: tribalfusion cookie

3:58 PM: teresa@tribalfusion[1].txt (ID = 3589)

3:58 PM: Found Spy Cookie: 2o7.net cookie

3:58 PM: teresa@partygaming.122.2o7[1].txt (ID = 1958)

3:58 PM: Found Spy Cookie: casalemedia cookie

3:58 PM: teresa@casalemedia[2].txt (ID = 2354)

3:58 PM: Found Spy Cookie: adserver cookie

3:58 PM: teresa@z1.adserver[1].txt (ID = 2142)

3:58 PM: Found Spy Cookie: atwola cookie

3:58 PM: teresa@atwola[1].txt (ID = 2255)

3:58 PM: Found Spy Cookie: about cookie

3:58 PM: teresa@about[2].txt (ID = 2037)

3:58 PM: Found Spy Cookie: partypoker cookie

3:58 PM: teresa@partypoker[1].txt (ID = 3111)

3:58 PM: Found Spy Cookie: atlas dmt cookie

3:58 PM: teresa@atdmt[2].txt (ID = 2253)

3:58 PM: Found Spy Cookie: falkag cookie

3:58 PM: teresa@as1.falkag[2].txt (ID = 2650)

3:58 PM: Found Spy Cookie: belnk cookie

3:58 PM: teresa@belnk[1].txt (ID = 2292)

3:58 PM: Found Spy Cookie: 66.220.17 cookie

3:58 PM: teresa@66.220.17[1].txt (ID = 1991)

3:58 PM: Found Spy Cookie: revenue.net cookie

3:58 PM: teresa@revenue[2].txt (ID = 3257)

3:58 PM: Found Spy Cookie: linksynergy cookie

3:58 PM: teresa@linksynergy[1].txt (ID = 2926)

3:58 PM: teresa@dist.belnk[2].txt (ID = 2293)

3:58 PM: Found Spy Cookie: apmebf cookie

3:58 PM: teresa@apmebf[2].txt (ID = 2229)

3:58 PM: Found Spy Cookie: qksrv cookie

3:58 PM: teresa@qksrv[2].txt (ID = 3213)

3:58 PM: Found Spy Cookie: dealtime cookie

3:58 PM: teresa@stat.dealtime[2].txt (ID = 2506)

3:58 PM: Found Spy Cookie: coremetrics cookie

3:58 PM: teresa@data.coremetrics[1].txt (ID = 2472)

3:58 PM: Found Spy Cookie: fastclick cookie

3:58 PM: teresa@fastclick[2].txt (ID = 2651)

3:58 PM: teresa@media.fastclick[1].txt (ID = 2652)

3:58 PM: Found Spy Cookie: specificclick.com cookie

3:58 PM: teresa@adopt.specificclick[2].txt (ID = 3400)

3:58 PM: teresa@2o7[1].txt (ID = 1957)

3:58 PM: teresa@add.about[2].txt (ID = 2038)

3:58 PM: Found Spy Cookie: yieldmanager cookie

3:58 PM: teresa@ad.yieldmanager[1].txt (ID = 3751)

3:58 PM: Found Spy Cookie: overture cookie

3:58 PM: teresa@perf.overture[1].txt (ID = 3106)

3:58 PM: teresa@data1.perf.overture[1].txt (ID = 3106)

3:58 PM: Found Spy Cookie: advertising cookie

3:58 PM: teresa@advertising[1].txt (ID = 2175)

3:58 PM: Found Spy Cookie: trafficmp cookie

3:58 PM: teresa@trafficmp[2].txt (ID = 3581)

3:58 PM: Found Spy Cookie: ask cookie

3:58 PM: teresa@ask[1].txt (ID = 2245)

3:58 PM: Found Spy Cookie: zedo cookie

3:58 PM: teresa@zedo[2].txt (ID = 3762)

3:58 PM: Found Spy Cookie: ru4 cookie

3:58 PM: teresa@edge.ru4[2].txt (ID = 3269)

3:58 PM: Found Spy Cookie: go.com cookie

3:58 PM: jerry@rsi.espn.go[1].txt (ID = 2729)

3:58 PM: jerry@sports.espn.go[1].txt (ID = 2729)

3:58 PM: jerry@espn.go[1].txt (ID = 2729)

3:58 PM: Found Spy Cookie: metareward.com cookie

3:58 PM: jerry@metareward[1].txt (ID = 2990)

3:58 PM: jerry@partypoker[1].txt (ID = 3111)

3:58 PM: Found Spy Cookie: 888 cookie

3:58 PM: jerry@888[2].txt (ID = 2019)

3:58 PM: Found Spy Cookie: adknowledge cookie

3:58 PM: jerry@adknowledge[2].txt (ID = 2072)

3:58 PM: jerry@go[1].txt (ID = 2728)

3:58 PM: Found Spy Cookie: adlegend cookie

3:58 PM: jerry@adlegend[1].txt (ID = 2074)

3:58 PM: jerry@sports-att.espn.go[1].txt (ID = 2729)

3:58 PM: jerry@insider.espn.go[1].txt (ID = 2729)

3:58 PM: Found Spy Cookie: nextag cookie

3:58 PM: jerry@nextag[2].txt (ID = 5014)

3:58 PM: Found Spy Cookie: adminder cookie

3:58 PM: jerry@www.adminder[2].txt (ID = 2079)

3:58 PM: jerry@ad.yieldmanager[2].txt (ID = 3751)

3:58 PM: Found Spy Cookie: statcounter cookie

3:58 PM: jerry@statcounter[2].txt (ID = 3447)

3:58 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01

3:58 PM: Starting File Sweep

3:58 PM: Warning: Failed to open file "c:\pagefile.sys". Access is denied

3:58 PM: iemonitor.ocx (ID = 186211)

4:00 PM: Found Adware: addestroyer

4:00 PM: inneradinstall.log (ID = 49035)

4:00 PM: Found Adware: virtualbouncer

4:00 PM: innervbinstall.log (ID = 82805)

4:00 PM: Found Adware: adlogix

4:00 PM: hqhlub.xml (ID = 49272)

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\system.log". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\software.log". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\default.log". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\security". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\sam". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\sam.log". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\security.log". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\system". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\software". The process cannot access the file because it is being used by another process

4:00 PM: Warning: Failed to open file "c:\windows\system32\config\default". The process cannot access the file because it is being used by another process

4:02 PM: Found Trojan Horse: lzio

4:02 PM: dummyd.exe (ID = 69011)

4:02 PM: Found Adware: 180search assistant/zango

4:02 PM: c:\windows\system32\fleok (2 subtraces) (ID = -2147480556)

4:02 PM: fcjdcjcd.dll (ID = 69131)

4:02 PM: Found Adware: ipinsight

4:02 PM: conscorr.inf (ID = 64277)

4:02 PM: Found Adware: directrevenue-abetterinternet

4:02 PM: alchem.inf (ID = 83109)

4:03 PM: Found Trojan Horse: 2nd-thought

4:03 PM: c:\windows\bundles (1 subtraces) (ID = -2147481535)

4:03 PM: Found Adware: whenu

4:03 PM: wuinst.inf (ID = 74480)

4:03 PM: thin.inf (ID = 83583)

4:03 PM: Found Adware: mindset interactive - favoriteman

4:03 PM: atpartners.inf (ID = 69817)

4:08 PM: Found Adware: delfin

4:08 PM: c:\documents and settings\all users\application data\vidctrl (1 subtraces) (ID = -2147477475)

4:08 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs69a8075d-f2ee-4b31-9ff2-271fd0bbf413.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs41535893-8085-44d4-b0ed-b4f5bb9394c0.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs047a4f2a-8141-4435-868b-68b88acd2e3f.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs4f08bd95-4ac7-4d5a-8d59-75fc3d478448.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3f347022-aea1-4cf4-98d5-f1d3465c1dd1.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs406dedda-3abe-427c-94b3-e265da5a8f66.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs5561e6fc-1465-4197-8e1e-c832632fa65e.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2115f4f7-6ab4-4bb1-abb3-9eaa3cf16cea.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs1e644176-bbce-4eb7-be95-f114b57d9ccd.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsae64c514-1cf9-4e06-9ae7-d255822934dc.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs73006c52-7d87-4dbc-a9c1-5e57dab55738.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsebd1fb11-319f-4113-8ed8-3fbefa387ac5.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs60aae76a-aa78-4a05-a0a7-2df723d8a74c.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs35399ed5-892d-48ea-bfa5-ee10915dd391.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs99316269-e3d6-445e-aff6-4c1a4bf81241.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs874fa619-4af1-40b3-93f5-4c6da82d9ee5.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs0b36644f-3863-4c9b-8b1b-4719ff33d406.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs4955d368-6397-4033-837b-d6fae47677a0.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsab8198ce-75c7-4cb7-9754-8cb110af90e0.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa067796d-6273-4928-9db4-6bbb4bfbe095.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs988c8992-af8f-4309-ac3c-3314a7d02330.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs8d342d73-f19d-4513-903f-bf41b8815554.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsbbd806c0-8df2-4af7-a374-5c524530b412.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsfe79c861-d0db-41ae-8d3d-3656ddc73be8.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs02771a6b-cf7c-4125-b1a8-bb51f8273af7.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs69d21861-6569-47a9-9e24-ac23ce3476b7.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3f4fdda6-d72d-4918-b8e4-eb08db75a4aa.tmp". The process cannot access the file because it is being used by another process


4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs612536f3-c00a-4292-8ca8-677c4fb12512.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2727dbab-fba4-4a13-aa17-6e8ccc2effbf.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse24750e3-b8c1-4d43-889d-4be054372d8b.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs100d853c-fc21-4d48-9c38-3f5b8df25c9a.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs47db4a73-f4f1-4617-b887-2dcc65b5f407.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf0a295ee-6b5d-4a8a-a5db-74c79c09344c.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf52232a2-9c54-4b93-951d-93b866cfc22f.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs32584703-1b30-40ca-9535-e0aaff4624f6.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscseea2b035-f3d3-43a9-a804-ecbfbcf9fc6e.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa15d5406-ae2d-460a-8327-5821c0108308.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsdc7cc283-f3c8-427c-8966-8dd932df4555.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb03d2d1b-cb0d-4e7b-8495-486f47cb026e.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs9324c62f-3c73-4394-a0e2-4de134d864c1.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3a7b7c5e-1bfe-4bb1-858a-1cb5483d803b.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa9038f0e-7082-4b53-82db-1eae1f6ef4f6.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs1b63fefa-0311-43f9-abe8-b2f926aee88a.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb3b7acf4-8615-4429-bbb9-6b72c1fa0ff0.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscscff77aa2-4bc2-434a-9fe2-fd0073a3f39d.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs0dc1f771-60fd-4529-907a-b6b6531a7ff1.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsd7ca6f74-2903-4c69-a8e8-e5bf19e62961.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs76cf4d8d-d675-45fd-b087-9d4e2a6ec096.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs9ad29c2e-6b40-43ce-9f45-4bfbec207ccb.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsed893b14-0fd5-4450-ac90-b6a3ca18c758.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa07079f8-9932-4fd0-9b2a-7e78b9954531.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs5801f2d9-b692-4dc2-b017-7b7229e1ec36.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs6a701532-2dc5-4374-b745-a115f3d19fab.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf94cd3ac-bf89-4b54-ba4d-3becd5aed3f5.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb2b3b9d4-1344-451e-b8e9-4d1d5f2ace7d.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf80f1f55-fa19-4af9-ab0c-b2eda993d2be.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsd054f332-74c3-4c8d-af6f-5dee9d6605ce.tmp". The process cannot access the file because it is being used by another process

4:08 PM: Found Adware: netpal

4:08 PM: gamehouse games.url (ID = 70891)

4:08 PM: big fish games.url (ID = 70885)

4:08 PM: flyordie games.url (ID = 70890)

4:08 PM: backup-20060108-160515-925.dll (ID = 210205)

4:08 PM: Found Adware: mirar webband

4:08 PM: backup-20060109-183808-824.inf (ID = 208224)

4:08 PM: backup-20060109-183808-824.dll (ID = 208226)

4:08 PM: backup-20060109-183808-340.inf (ID = 62333)

4:08 PM: Found Adware: azsearch toolbar

4:08 PM: backup-20060118-150836-759.inf (ID = 50329)

4:08 PM: Warning: Failed to open file "c:\documents and settings\teresa\ntuser.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\teresa\ntuser.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\teresa\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process

4:08 PM: Warning: Failed to open file "c:\documents and settings\teresa\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process

4:08 PM: c:\documents and settings\teresa\start menu\programs\io (1 subtraces) (ID = -2147480633)

4:08 PM: Found Adware: exact fungamedownloads

4:08 PM: c:\documents and settings\teresa\start menu\programs\funcade (2 subtraces) (ID = -2147468032)

4:09 PM: Found Adware: golden palace casino

4:09 PM: best casino. $200 signup bonus!.url (ID = 61881)

4:09 PM: Found Adware: ieplugin

4:09 PM: desktop toolbar (ID = 63344)

4:09 PM: c:\documents and settings\teresa\application data\spamblockerutility (710 subtraces) (ID = -2147465763)

4:09 PM: default_mails.mnu (ID = 121821)

4:09 PM: ads.cdf (ID = 121815)

4:09 PM: d_icons_buttons_1000.res (ID = 121822)

4:09 PM: d_icons_buttons_2000.res (ID = 121823)

4:09 PM: d_icons_buttons_3000.res (ID = 121824)

4:09 PM: d_icons_buttons_bar.res (ID = 62283)

4:09 PM: d_icons_buttons_bbar1.res (ID = 121825)

4:09 PM: d_icons_buttons_logos.res (ID = 62283)

4:09 PM: d_icons_buttons_other.res (ID = 62283)

4:09 PM: d_icons_weather.res (ID = 121840)

4:09 PM: email-def-511724-9595.mnu (ID = 121842)

4:09 PM: hotbar-premium-hotbar-premium.mnu (ID = 121844)

4:09 PM: hotbar-premium.cdf (ID = 121845)

4:09 PM: linkpathlegal.txt (ID = 121849)

4:09 PM: progress.res (ID = 62367)

4:09 PM: tsd_bg.res (ID = 62382)

4:09 PM: linkpathlegal.xip (ID = 121866)

4:09 PM: d_icons_buttons_1000.xip (ID = 114339)

4:09 PM: d_icons_buttons_2000.xip (ID = 114390)

4:09 PM: d_icons_buttons_3000.xip (ID = 114353)

4:09 PM: d_icons_buttons_logos.xip (ID = 62284)

4:09 PM: d_icons_buttons_other.xip (ID = 62284)

4:09 PM: d_icons_weather.xip (ID = 121860)

4:09 PM: tsd_bg.xip (ID = 62383)

4:09 PM: progress.xip (ID = 62368)

4:09 PM: d_icons_buttons_bar.xip (ID = 62284)

4:09 PM: d_icons_buttons_bbar1.xip (ID = 114354)

4:09 PM: business_promo.xip (ID = 121856)

4:09 PM: ads.xip (ID = 121855)

4:09 PM: hotbar-premium.xip (ID = 114359)

4:09 PM: default_mails.mnu (ID = 121821)

4:09 PM: ads.cdf (ID = 121815)

4:09 PM: d_icons_buttons_1000.res (ID = 121822)

4:09 PM: d_icons_buttons_2000.res (ID = 121823)

4:09 PM: d_icons_buttons_3000.res (ID = 121824)

4:09 PM: d_icons_buttons_bar.res (ID = 62283)

4:09 PM: d_icons_buttons_bbar1.res (ID = 121825)

4:09 PM: d_icons_buttons_logos.res (ID = 62283)

4:09 PM: d_icons_buttons_other.res (ID = 62283)

4:09 PM: d_icons_weather.res (ID = 121840)

4:09 PM: email-def-511724-9595.mnu (ID = 121842)

4:09 PM: hotbar-premium-hotbar-premium.mnu (ID = 121844)

4:09 PM: hotbar-premium.cdf (ID = 121845)

4:09 PM: linkpathlegal.txt (ID = 121849)

4:09 PM: progress.res (ID = 62367)

4:09 PM: tsd_bg.res (ID = 62382)

4:09 PM: progress.xip (ID = 62368)

4:09 PM: business_promo.xip (ID = 121856)

4:09 PM: email-def-511724-9595.mnu (ID = 121842)

4:09 PM: email-def-email-backgrounds.mnu (ID = 121844)

4:09 PM: email-premium-email-premium.mnu (ID = 121844)

4:09 PM: progress.res (ID = 62367)

4:09 PM: c:\program files\funcade (2 subtraces) (ID = -2147481393)

4:13 PM: Found Adware: my daily horoscope

4:13 PM: backup-20041028-161000-479.inf (ID = 70238)

4:13 PM: backup-20041028-161000-686.inf (ID = 71455)

4:13 PM: backup-20041217-230533-736.inf (ID = 70259)

4:30 PM: File Sweep Complete, Elapsed Time: 00:31:49

4:30 PM: Full Sweep has completed. Elapsed time 00:33:49

4:30 PM: Traces Found: 34896

4:35 PM: Removal process initiated

4:35 PM: Quarantining All Traces: 180search assistant/zango

4:35 PM: Quarantining All Traces: 2nd-thought

4:35 PM: Quarantining All Traces: adlogix

4:35 PM: Quarantining All Traces: daemonize

4:35 PM: Quarantining All Traces: directrevenue-abetterinternet

4:35 PM: Quarantining All Traces: lzio

4:35 PM: Quarantining All Traces: websearch toolbar

4:35 PM: Quarantining All Traces: azsearch toolbar

4:35 PM: Quarantining All Traces: commonname

4:35 PM: Quarantining All Traces: delfin

4:35 PM: Quarantining All Traces: hotbar

4:35 PM: Quarantining All Traces: jeem

4:35 PM: Quarantining All Traces: mindset interactive - favoriteman

4:35 PM: Quarantining All Traces: orbit explorer

4:35 PM: Quarantining All Traces: winad

4:35 PM: Quarantining All Traces: addestroyer

4:35 PM: Quarantining All Traces: clientman

4:35 PM: Quarantining All Traces: exact fungamedownloads

4:35 PM: Quarantining All Traces: golden palace casino

4:35 PM: Quarantining All Traces: ieplugin

4:35 PM: Quarantining All Traces: interads

4:35 PM: Quarantining All Traces: ipinsight

4:35 PM: Quarantining All Traces: mediamotor - popuppers

4:35 PM: Quarantining All Traces: mirar webband

4:35 PM: Quarantining All Traces: my daily horoscope

4:35 PM: Quarantining All Traces: netpal

4:35 PM: Quarantining All Traces: odysseus marketing

4:35 PM: Quarantining All Traces: showbehind

4:35 PM: Quarantining All Traces: virtualbouncer

4:35 PM: Quarantining All Traces: whistle

4:35 PM: Quarantining All Traces: 2o7.net cookie

4:35 PM: Quarantining All Traces: 66.220.17 cookie

4:35 PM: Quarantining All Traces: 888 cookie

4:35 PM: Quarantining All Traces: about cookie

4:35 PM: Quarantining All Traces: adknowledge cookie

4:35 PM: Quarantining All Traces: adlegend cookie

4:35 PM: Quarantining All Traces: adminder cookie

4:35 PM: Quarantining All Traces: adserver cookie

4:35 PM: Quarantining All Traces: advertising cookie

4:35 PM: Quarantining All Traces: apmebf cookie

4:35 PM: Quarantining All Traces: ask cookie

4:35 PM: Quarantining All Traces: atlas dmt cookie

4:35 PM: Quarantining All Traces: atwola cookie

4:35 PM: Quarantining All Traces: belnk cookie

4:35 PM: Quarantining All Traces: casalemedia cookie

4:35 PM: Quarantining All Traces: coremetrics cookie

4:35 PM: Quarantining All Traces: dealtime cookie

4:35 PM: Quarantining All Traces: falkag cookie

4:35 PM: Quarantining All Traces: fastclick cookie

4:35 PM: Quarantining All Traces: go.com cookie

4:35 PM: Quarantining All Traces: linksynergy cookie

4:35 PM: Quarantining All Traces: metareward.com cookie

4:35 PM: Quarantining All Traces: nextag cookie

4:35 PM: Quarantining All Traces: overture cookie

4:35 PM: Quarantining All Traces: partypoker cookie

4:35 PM: Quarantining All Traces: qksrv cookie

4:35 PM: Quarantining All Traces: revenue.net cookie

4:35 PM: Quarantining All Traces: ru4 cookie

4:35 PM: Quarantining All Traces: search200 cookie

4:35 PM: Quarantining All Traces: specificclick.com cookie

4:35 PM: Quarantining All Traces: statcounter cookie

4:35 PM: Quarantining All Traces: trafficmp cookie

4:35 PM: Quarantining All Traces: tribalfusion cookie

4:35 PM: Quarantining All Traces: whenu

4:35 PM: Quarantining All Traces: yieldmanager cookie

4:35 PM: Quarantining All Traces: zedo cookie

4:35 PM: Removal process completed. Elapsed time 00:00:56

********

3:54 PM: | Start of Session, Friday, January 20, 2006 |

3:54 PM: Spy Sweeper started

3:54 PM: Messenger service has been disabled.

3:54 PM: Your spyware definitions have been updated.

3:56 PM: | End of Session, Friday, January 20, 2006 |


---------------------------------------------------------

ewido anti-malware - Scan report

---------------------------------------------------------

 

+ Created on: 5:14:54 PM, 1/20/2006

+ Report-Checksum: 3FB14C92

 

+ Scan result:

 

C:\Documents and Settings\Jerry\Cookies\jerry@com[1].txt -> Spyware.Cookie.Com : Cleaned with backup

C:\Documents and Settings\Teresa\Cookies\teresa@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup

C:\Documents and Settings\Teresa\Cookies\teresa@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup

C:\Documents and Settings\Teresa\Cookies\teresa@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup

C:\Documents and Settings\Teresa\Cookies\teresa@bfast[2].txt -> Spyware.Cookie.Bfast : Cleaned with backup

C:\System Volume Information\_restore{43360AAB-E603-4960-B15C-98E505E51049}\RP14\A0001747.dll -> Downloader.Agent.rm : Cleaned with backup

C:\System Volume Information\_restore{43360AAB-E603-4960-B15C-98E505E51049}\RP14\A0001748.dll -> Adware.E2Give : Cleaned with backup

C:\System Volume Information\_restore{43360AAB-E603-4960-B15C-98E505E51049}\RP14\A0001749.exe -> Adware.Lop : Cleaned with backup

C:\System Volume Information\_restore{43360AAB-E603-4960-B15C-98E505E51049}\RP14\A0001750.exe -> Adware.180Solutions : Cleaned with backup

C:\System Volume Information\_restore{43360AAB-E603-4960-B15C-98E505E51049}\RP14\A0001751.dll -> Logger.Agent.gk : Cleaned with backup

 

 

::Report End


This is the hjt log done after the ewido scan. I think this is everything.

 

Logfile of HijackThis v1.99.1

Scan saved at 5:17:06 PM, on 1/20/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\securitysuite.exe

C:\WINDOWS\notepad.exe

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe


If the AZE ToolBar is gone, we are in business.

 

My apology for the Services report. It turned out to be much larger than expected!!

There are some odd O-23 entries on the log that need to be removed, and I was looking for their origin, but what shows up on the report is fine. That is good.

 

 

Run HijackThis, Scan

Check box for:

 

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

 

Select: Fix Checked

 

Run HijackThis, Scan, and post a new log for a final review.


Those three don't seem to go away. Here ya go,

 

Logfile of HijackThis v1.99.1

Scan saved at 12:11:38 AM, on 1/21/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray

O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
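The check requested above (O23 service entries whose file field reads "(no file)") and the comparison of the log before and after "Fix Checked" can be scripted. This is an added example, not part of the thread or of HijackThis; the function names are illustrative, and the sample lines are excerpted from the O23 sections of the 1/20 and 1/21 logs posted above.

```python
import re
from typing import List, NamedTuple


class Service(NamedTuple):
    display: str   # display name as printed by HijackThis
    key: str       # short name in parentheses, or the display name if none
    vendor: str    # company field as printed in the log
    target: str    # file path, or "(no file)"


# Shape of an O23 line: O23 - Service: <name> - <vendor> - <path or "(no file)">
# Limitation: a name or vendor that itself contains " - " would be split wrongly.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<vendor>.+?) - (?P<target>.+)$"
)
# "Symantec Event Manager (ccEvtMgr)" -> display + short name
KEY_RE = re.compile(r"^(?P<display>.*\S)\s+\((?P<key>[^()]+)\)$")


def parse_o23(log_text: str) -> List[Service]:
    """Return every O23 service entry found in a pasted HijackThis log."""
    services = []
    for raw in log_text.splitlines():
        m = O23_RE.match(raw.strip())   # forum pastes are double-spaced
        if not m:
            continue
        name = m.group("name")
        k = KEY_RE.match(name)
        display, key = (k.group("display"), k.group("key")) if k else (name, name)
        services.append(
            Service(display, key, m.group("vendor"), m.group("target").strip())
        )
    return services


def orphaned(log_text: str) -> List[Service]:
    """O23 entries with no backing file: the ones the helper asked to check."""
    return [s for s in parse_o23(log_text) if s.target.lower() == "(no file)"]


def still_present(before: str, after: str) -> List[Service]:
    """Orphaned entries from `before` that appear again in `after`,
    i.e. the fix did not remove them."""
    after_keys = {s.key.lower() for s in parse_o23(after)}
    return [s for s in orphaned(before) if s.key.lower() in after_keys]


# Excerpt of the O23 section from the 1/20/2006 log in this thread.
LOG_BEFORE = r"""
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

# Excerpt of the same section from the 1/21/2006 log, posted after "Fix Checked".
LOG_AFTER = r"""
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)
"""

if __name__ == "__main__":
    print("Entries to check (no backing file):")
    for s in orphaned(LOG_BEFORE):
        print(f"  {s.display} ({s.key}) - vendor field: {s.vendor}")
    print("Still present after the fix:")
    for s in still_present(LOG_BEFORE, LOG_AFTER):
        print(f"  {s.key}")
```

Run against the two full logs instead of the excerpts, it lists the same three Symantec entries as surviving the fix.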


Try removing the entries in Safe Mode.

 

Then post a new HijackThis log.

 

If that does not work, we'll try a Registry Manager.


No go in safe mode. Also the tool bar is still showing up in the add remove programs area. I can't get it off in safe mode as well.

 

Logfile of HijackThis v1.99.1

Scan saved at 11:12:55 PM, on 1/21/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Jerry\My Documents\hjk\HijackThis.exe

 

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [POINTER] point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray

O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pcpitstop.com/pestscan/pestscan.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: Symantec Event Manager (ccEvtMgr) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Password Validation (ccPwdSvc) - C-Dilla Ltd - (no file)

O23 - Service: Symantec Settings Manager (ccSetMgr) - C-Dilla Ltd - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
