[quote=tetonbob]
------------------------------------------
Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if found:
MyWay
MyWebSearch
SurfSideKick 3
------------------------------------------
I have a program called my way search assistant....but there is no remove button associated with it in the add\remove panel.
---------------------------------------------
l2mfix:
L2mfix 010406
Creating Account.
The command completed successfully.
Adding Administrative privleges.
The command completed successfully.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful
Running From:
C:\WINDOWS\system32
Killing Processes!
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Killing PID 580 'smss.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Killing PID 668 'winlogon.exe'
Killing PID 668 'winlogon.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Killing PID 1680 'explorer.exe'
Killing PID 1680 'explorer.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Error, Cannot find a process with an image name of rundll32.exe
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrators ... successful
Scanning First Pass. Please Wait!
First Pass Completed
Second Pass Scanning
Second pass Completed!
Restoring Windows Update Certificates.:
The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
The following are the files found:
****************************************************************************
Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CB046819-63D7-48E0-83D1-0AC750C42B39}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CB046819-63D7-48E0-83D1-0AC750C42B39}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CB046819-63D7-48E0-83D1-0AC750C42B39}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CB046819-63D7-48E0-83D1-0AC750C42B39}\InprocServer32]
@="C:\\WINDOWS\\system32\\ixfxpph.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F2329DD9-764A-43AB-893B-2685CD1DA3D6}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F2329DD9-764A-43AB-893B-2685CD1DA3D6}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F2329DD9-764A-43AB-893B-2685CD1DA3D6}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F2329DD9-764A-43AB-893B-2685CD1DA3D6}\InprocServer32]
@="C:\\WINDOWS\\system32\\dzspex.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{46B5B32A-C723-4E2C-85B2-D4540331DF4E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{46B5B32A-C723-4E2C-85B2-D4540331DF4E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{46B5B32A-C723-4E2C-85B2-D4540331DF4E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{46B5B32A-C723-4E2C-85B2-D4540331DF4E}\InprocServer32]
@="C:\\WINDOWS\\system32\\ietelmoh.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}\InprocServer32]
@="C:\\WINDOWS\\system32\\gbtuname.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{BE8FE741-CD9C-4075-88C5-A565DA214AB4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE8FE741-CD9C-4075-88C5-A565DA214AB4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE8FE741-CD9C-4075-88C5-A565DA214AB4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE8FE741-CD9C-4075-88C5-A565DA214AB4}\InprocServer32]
@="C:\\WINDOWS\\system32\\lx32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{445DD4DB-3B75-48A5-B87C-2795717A0C1E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{445DD4DB-3B75-48A5-B87C-2795717A0C1E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{445DD4DB-3B75-48A5-B87C-2795717A0C1E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{445DD4DB-3B75-48A5-B87C-2795717A0C1E}\InprocServer32]
@="C:\\WINDOWS\\system32\\sulgntfy.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}\InprocServer32]
@="C:\\WINDOWS\\system32\\ccetcfg.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{2EFCA923-2BAF-44BC-B5CC-5505655C4198}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2EFCA923-2BAF-44BC-B5CC-5505655C4198}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2EFCA923-2BAF-44BC-B5CC-5505655C4198}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2EFCA923-2BAF-44BC-B5CC-5505655C4198}\InprocServer32]
@="C:\\WINDOWS\\system32\\MJCTFP.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{639DAB03-A362-4067-8454-89BEEC2E4F02}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{639DAB03-A362-4067-8454-89BEEC2E4F02}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{639DAB03-A362-4067-8454-89BEEC2E4F02}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{639DAB03-A362-4067-8454-89BEEC2E4F02}\InprocServer32]
@="C:\\WINDOWS\\system32\\pxotowiz.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}\InprocServer32]
@="C:\\WINDOWS\\system32\\wradefui.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{2B1D8F52-680F-45C0-B318-735161BE2908}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2B1D8F52-680F-45C0-B318-735161BE2908}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2B1D8F52-680F-45C0-B318-735161BE2908}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2B1D8F52-680F-45C0-B318-735161BE2908}\InprocServer32]
@="C:\\WINDOWS\\system32\\skndmail.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A4E6DECD-E603-4854-8589-511FA0FEEA40}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A4E6DECD-E603-4854-8589-511FA0FEEA40}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A4E6DECD-E603-4854-8589-511FA0FEEA40}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A4E6DECD-E603-4854-8589-511FA0FEEA40}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{57A4CB48-6356-44B8-9DDB-13582E73FF42}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{57A4CB48-6356-44B8-9DDB-13582E73FF42}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{57A4CB48-6356-44B8-9DDB-13582E73FF42}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{57A4CB48-6356-44B8-9DDB-13582E73FF42}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{9C5A8B7B-991F-42C0-9317-E63C754DF91A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{9C5A8B7B-991F-42C0-9317-E63C754DF91A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{9C5A8B7B-991F-42C0-9317-E63C754DF91A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{9C5A8B7B-991F-42C0-9317-E63C754DF91A}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{CB046819-63D7-48E0-83D1-0AC750C42B39}"=-
"{91694F22-E211-436C-BAAC-10A4524134AB}"=-
"{370ED96E-2776-4E33-ABCF-9C07B0F6E0C0}"=-
"{F2329DD9-764A-43AB-893B-2685CD1DA3D6}"=-
"{46B5B32A-C723-4E2C-85B2-D4540331DF4E}"=-
"{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}"=-
"{BE8FE741-CD9C-4075-88C5-A565DA214AB4}"=-
"{445DD4DB-3B75-48A5-B87C-2795717A0C1E}"=-
"{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}"=-
"{2EFCA923-2BAF-44BC-B5CC-5505655C4198}"=-
"{639DAB03-A362-4067-8454-89BEEC2E4F02}"=-
"{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}"=-
"{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}"=-
"{2B1D8F52-680F-45C0-B318-735161BE2908}"=-
"{A4E6DECD-E603-4854-8589-511FA0FEEA40}"=-
"{57A4CB48-6356-44B8-9DDB-13582E73FF42}"=-
"{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}"=-
"{9C5A8B7B-991F-42C0-9317-E63C754DF91A}"=-
[-HKEY_CLASSES_ROOT\CLSID\{CB046819-63D7-48E0-83D1-0AC750C42B39}]
[-HKEY_CLASSES_ROOT\CLSID\{91694F22-E211-436C-BAAC-10A4524134AB}]
[-HKEY_CLASSES_ROOT\CLSID\{370ED96E-2776-4E33-ABCF-9C07B0F6E0C0}]
[-HKEY_CLASSES_ROOT\CLSID\{F2329DD9-764A-43AB-893B-2685CD1DA3D6}]
[-HKEY_CLASSES_ROOT\CLSID\{46B5B32A-C723-4E2C-85B2-D4540331DF4E}]
[-HKEY_CLASSES_ROOT\CLSID\{53AB09BC-8615-4BFC-81C6-4AAADFD75DE2}]
[-HKEY_CLASSES_ROOT\CLSID\{BE8FE741-CD9C-4075-88C5-A565DA214AB4}]
[-HKEY_CLASSES_ROOT\CLSID\{445DD4DB-3B75-48A5-B87C-2795717A0C1E}]
[-HKEY_CLASSES_ROOT\CLSID\{F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72}]
[-HKEY_CLASSES_ROOT\CLSID\{2EFCA923-2BAF-44BC-B5CC-5505655C4198}]
[-HKEY_CLASSES_ROOT\CLSID\{639DAB03-A362-4067-8454-89BEEC2E4F02}]
[-HKEY_CLASSES_ROOT\CLSID\{CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE}]
[-HKEY_CLASSES_ROOT\CLSID\{EC096B74-E13B-4AAC-A201-EAC5507E0BFF}]
[-HKEY_CLASSES_ROOT\CLSID\{2B1D8F52-680F-45C0-B318-735161BE2908}]
[-HKEY_CLASSES_ROOT\CLSID\{A4E6DECD-E603-4854-8589-511FA0FEEA40}]
[-HKEY_CLASSES_ROOT\CLSID\{57A4CB48-6356-44B8-9DDB-13582E73FF42}]
[-HKEY_CLASSES_ROOT\CLSID\{F97AC02C-2F57-4ADD-929E-8EB10B225C7B}]
[-HKEY_CLASSES_ROOT\CLSID\{9C5A8B7B-991F-42C0-9317-E63C754DF91A}]
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*
zip error: Nothing to do! (backup.zip)
adding: backregs/2B1D8F52-680F-45C0-B318-735161BE2908.reg (188 bytes security) (deflated 70%)
adding: backregs/2EFCA923-2BAF-44BC-B5CC-5505655C4198.reg (188 bytes security) (deflated 70%)
adding: backregs/445DD4DB-3B75-48A5-B87C-2795717A0C1E.reg (188 bytes security) (deflated 70%)
adding: backregs/46B5B32A-C723-4E2C-85B2-D4540331DF4E.reg (188 bytes security) (deflated 70%)
adding: backregs/53AB09BC-8615-4BFC-81C6-4AAADFD75DE2.reg (188 bytes security) (deflated 70%)
adding: backregs/57A4CB48-6356-44B8-9DDB-13582E73FF42.reg (188 bytes security) (deflated 70%)
adding: backregs/639DAB03-A362-4067-8454-89BEEC2E4F02.reg (188 bytes security) (deflated 70%)
adding: backregs/9C5A8B7B-991F-42C0-9317-E63C754DF91A.reg (188 bytes security) (deflated 70%)
adding: backregs/A4E6DECD-E603-4854-8589-511FA0FEEA40.reg (188 bytes security) (deflated 70%)
adding: backregs/BE8FE741-CD9C-4075-88C5-A565DA214AB4.reg (188 bytes security) (deflated 70%)
adding: backregs/CB046819-63D7-48E0-83D1-0AC750C42B39.reg (188 bytes security) (deflated 70%)
adding: backregs/CC3EBB9F-3EA2-4695-9DD3-217BF6AB82BE.reg (188 bytes security) (deflated 70%)
adding: backregs/EC096B74-E13B-4AAC-A201-EAC5507E0BFF.reg (188 bytes security) (deflated 70%)
adding: backregs/F2329DD9-764A-43AB-893B-2685CD1DA3D6.reg (188 bytes security) (deflated 70%)
adding: backregs/F8CE4E7F-F6DA-4D35-8B3E-A8723059CC72.reg (188 bytes security) (deflated 70%)
adding: backregs/F97AC02C-2F57-4ADD-929E-8EB10B225C7B.reg (188 bytes security) (deflated 70%)
adding: backregs/notibac.reg (164 bytes security) (deflated 54%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)
----------------------------------------------
smitfiles:
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
The current date is: Sat 02/25/2006
The current time is: 21:22:28.75
Running from
C:\Documents and Settings\Lori Deaton\Desktop\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{4F141CBA-1457-6CCA-03A7-7AA21B61EA0F}"="OutPost FireWall"
"{2C1CD3D7-86AC-4068-93BC-A02304BB8C34}"="DCOM Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Killing PID 720 'explorer.exe'
Killing PID 720 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{4F141CBA-1457-6CCA-03A7-7AA21B61EA0F}"="OutPost FireWall"
"{2C1CD3D7-86AC-4068-93BC-A02304BB8C34}"="DCOM Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN! :)
------------------------------------------------
kaspersky scan:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, February 25, 2006 22:33:42
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 26/02/2006
Kaspersky Anti-Virus database records: 178689
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 62044
Number of viruses found: 41
Number of infected objects: 378
Number of suspicious objects: 0
Duration of the scan process: 2815 sec
Infected Object Name - Virus Name
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP270\A0053464.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP274\A0061466.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP274\A0062464.dll Infected: not-a-virus:AdWare.Win32.Ihbo.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP274\A0062465.dll Infected: not-a-virus:AdWare.Win32.Sud.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP274\A0062472.dll Infected: not-a-virus:AdWare.Win32.Sud.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP282\A0064678.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP282\A0064681.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP282\A0064682.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP283\A0067678.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP284\A0069690.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP284\A0070684.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP286\A0073695.exe Infected: not-a-virus:AdWare.Win32.AdURL.c
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0074700.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP288\A0074705.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP295\A0076746.dll Infected: not-a-virus:AdWare.Win32.Sud.d
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077730.dll Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe/InpB/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe/InpB/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe/InpB/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe/InpB/Ssk3RepairInstall.exe Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe/InpB Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0077741.exe Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0078730.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0078731.dll Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0078732.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0078733.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP298\A0079744.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP300\A0079765.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP300\A0080730.dll Infected: not-a-virus:AdWare.Win32.NewDotNet.h
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP300\A0080745.exe Infected: not-a-virus:AdWare.Win32.AdURL.c
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP300\A0081736.exe Infected: not-a-virus:AdWare.Win32.AdURL.c
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP306\A0084790.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP306\A0084809.exe Infected: Trojan-Dropper.Win32.PurityScan.ad
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP306\A0084810.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.u
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0090883.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0090888.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0095943.exe Infected: Trojan-Dropper.Win32.PurityScan.ad
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0095947.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0095948.exe Infected: not-a-virus:AdWare.Win32.PurityScan.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0097970.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0098967.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0098971.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0098989.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP312\A0098990.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP313\A0100989.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP313\A0101012.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP313\A0101017.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP313\A0102017.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP313\A0102037.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP314\A0103037.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109113.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109140.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109141.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109142.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109143.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109208.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109209.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109210.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109213.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109214.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109218.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109220.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109221.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109222.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109225.exe Infected: not-a-virus:AdWare.Win32.PurityScan.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109226.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109228.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.l
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109229.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109231.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109234.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109235.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109236.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109237.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109238.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109239.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109294.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109295.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109296.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109297.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109298.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109299.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109300.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109301.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109325.exe Infected: not-a-virus:AdWare.Win32.Maxifiles.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109326.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.w
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109329.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109358.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109359.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109360.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109361.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109362.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109363.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109364.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109365.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109366.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109367.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109368.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109370.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109371.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109372.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109373.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109375.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109379.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109381.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109394.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109411.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109412.exe Infected: not-a-virus:AdWare.Win32.EZula.bn
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109414.exe/data0006 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109414.exe Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109422.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109422.exe/data0003 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109422.exe/data0006 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109422.exe/data0007 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109422.exe Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109548.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.u
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109551.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109552.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109553.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0109554.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110052.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110053.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110394.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110395.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110399.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110400.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110401.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110402.dll Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110403.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110410.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110412.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110413.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110414.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110421.exe/data0002/data0006 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110421.exe/data0002 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110421.exe Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110431.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110432.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110435.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110437.exe/data0001 Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110437.exe Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110439.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110439.exe Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110451.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110452.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110453.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110454.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110457.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110460.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110461.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110462.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110463.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110464.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110517.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110518.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110523.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110524.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110525.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110526.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110527.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110528.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110529.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110530.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110531.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110532.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110533.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110534.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110542.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110544.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110545.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110546.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110547.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110548.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110549.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110553.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP321\A0110556.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.w
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114656.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114661.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114882.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114883.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114884.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114888.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP322\A0114889.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0114961.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0114962.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0114963.dll Infected: not-a-virus:AdWare.Win32.NewDotNet.i
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115296.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115518.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115519.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115717.exe Infected: not-a-virus:Monitor.Win32.NetMon.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115725.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115727.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115730.dll Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0115901.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116054.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.l
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116056.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116156.exe/data0002/data0006 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116156.exe/data0002 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116156.exe Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116177.exe/data0006 Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0116177.exe Infected: Trojan-Dropper.Win32.VB.kk
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118620.exe/data0001 Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118620.exe Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118628.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118628.exe/data0003 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118628.exe/data0006 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118628.exe/data0007 Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118628.exe Infected: Trojan.Win32.VB.tg
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118753.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118753.exe Infected: Trojan-Clicker.Win32.Small.jf
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0118772.exe Infected: Trojan-Dropper.Win32.PurityScan.ad
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127067.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127155.exe Infected: not-a-virus:Monitor.Win32.NetMon.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127163.exe Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127533.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ai
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127553.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127767.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127816.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0127970.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0128274.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0130539.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131072.exe Infected: not-a-virus:AdWare.Win32.Maxifiles.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131272.exe/unknown2.bin Infected: not-a-virus:AdWare.Win32.Ucmore.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131272.exe/UCMTSAIE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131272.exe/IUCMORE.DLL Infected: not-a-virus:AdWare.Win32.Ucmore
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131272.exe Infected: not-a-virus:AdWare.Win32.Ucmore
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131563.exe Infected: not-a-virus:AdWare.Win32.Zestyfind
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131677.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.u
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131678.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131679.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0131680.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132141.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132145.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132262.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132267.vxd Infected: not-a-virus:AdWare.Win32.BargainBuddy.q
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132445.srg Infected: not-a-virus:AdWare.Win32.BargainBuddy.q
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132524.dll Infected: not-a-virus:AdWare.Win32.HotSearchBar.i
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132525.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0132527.dll Infected: not-a-virus:AdWare.Win32.HotSearchBar.i
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133035.dll Infected: not-a-virus:AdWare.Win32.SurfSide.aa
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133089.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133090.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133091.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133092.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133093.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133094.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133095.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133218.dll Infected: not-a-virus:AdWare.Win32.CommAd.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133219.exe Infected: not-a-virus:AdWare.Win32.CommAd.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133220.dll Infected: not-a-virus:AdWare.Win32.Sud.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133228.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133518.exe Infected: not-a-virus:Monitor.Win32.NetMon.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133610.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133611.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133612.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0133634.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0134976.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135067.exe Infected: not-a-virus:AdWare.Win32.EZula.bn
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135068.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135069.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135070.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135071.exe Infected: not-a-virus:AdWare.Win32.Maxifiles.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135072.exe Infected: not-a-virus:Monitor.Win32.NetMon.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135073.exe Infected: not-a-virus:AdWare.Win32.MediaTickets.u
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135074.exe Infected: not-a-virus:AdWare.Win32.NewDotNet
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135075.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135076.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135077.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135078.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135079.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135080.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135081.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135082.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135083.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135084.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135085.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135086.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135087.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135088.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135089.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135090.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135091.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135092.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135093.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135094.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135095.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135096.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135097.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135098.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135099.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135100.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135101.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135102.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135103.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135104.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135105.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135106.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135107.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135108.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135109.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135110.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135111.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135112.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135113.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135114.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135115.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135116.dll Infected: not-a-virus:AdWare.Win32.SafeSurfing.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135117.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135118.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135119.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135120.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135121.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135122.exe Infected: not-a-virus:AdWare.Win32.SafeSurfing.y
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135123.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135124.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135125.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135126.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135127.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135128.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135129.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135130.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135131.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135132.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135133.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135134.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135135.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135136.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135137.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135138.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135139.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135140.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135141.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135142.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135143.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135144.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135145.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135146.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135147.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135148.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135149.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135150.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135151.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135152.dll Infected: not-a-virus:AdWare.Win32.EZula.cc
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135153.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135154.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135155.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135156.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135157.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.l
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135158.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135159.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135160.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135161.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135162.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135163.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135164.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135165.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135166.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135167.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135168.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135169.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135170.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135171.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135172.exe Infected: not-a-virus:AdWare.Win32.PurityScan.a
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP324\A0135173.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m
C:\WINDOWS\system32\aagkdk.dll Infected: not-a-virus:AdWare.Win32.PurityScan.ak
C:\WINDOWS\system32\ѕνchost.exe Infected: not-a-virus:AdWare.Win32.PurityScan.dq
Scan process completed.
------------------------------------------------
hjt:
Logfile of HijackThis v1.99.1
Scan saved at 10:34:04 PM, on 2/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Documents and Settings\Lori Deaton\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.yahoo.com
O2 - BHO: (no name) - {365F3B7A-88B9-A33E-C1DA-F38AD8D6F398} - C:\WINDOWS\system32\aagkdk.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\DEFEND~1\DEFEND~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/downloads/k...an_unicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/actives...ree/asinst.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
------------------------------------------------
This thing is 110% better even after the first run of fixes. Not really noticing any ill affects at this time. And thanks again for your help.