Tech Support banner

Status
Not open for further replies.
1 - 12 of 12 Posts

·
Registered
Joined
·
57 Posts
Discussion Starter #1
I dont know whether my PC is infected something or what because the PC running slow day by day :sad: Here my log

Logfile of HijackThis v1.99.1
Scan saved at 2:12:11 PM, on 10/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SigXC\SigX.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\PROGRA~1\Altnet\DOWNLO~1\ASM.exe
C:\Program Files\TBONBin\tbon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\rsvp.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Program Files\RXToolBar\RXToolBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SigXC] C:\Program Files\SigXC\SigX.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\RunOnce: [BullguardoptIn] C:\WINDOWS\Temp\BullGuard\bulldownload.exe
O4 - HKCU\..\RunOnce: [RXToolBar] regsvr32 /s "C:\Program Files\RXToolBar\RXToolBar.dll"
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126768388933
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

·
Administrator
Joined
·
4,870 Posts
Hello and welcome to TSF

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. If necessary, please ask any questions before proceeding with the procedures below.

Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option.

Please download Cleanup! or use this (Alternate Link) if the main link does not work and install it. You will use this later.

Download, install,and update Ewido Security Suite
  • Install Ewido Security Suite
  • Launch Ewido, there will be a big E icon on your desktop which you must double-click.
  • The program will prompt you to update so you need to click the OK button
  • The program will take you to the main screen
You must update Ewido with the latest definition files.
  • On the left hand side of the main screen click Update
  • Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed, exit Ewido

Reboot into Safe Mode by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Run Ewido:
  • Click [Scanner]
  • Click [Complete System Scan] to begin scanning.
  • Click [OK] when prompted to clean files
  • With the first file it prompts to clean, select the option - Perform action on all infections. Choose clean then click [OK].
  • Once finished, click the [Save report] button and save the report to your desktop.
Close Ewido

Reboot back to normal mode.

Go into Hijack This->Config->Misc. Tools->Open process manager. Select the following and click “Kill process” for each one (If they still exist)(You must kill them one at a time).

C:\Program Files\SigXC\SigX.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\TBONBin\tbon.exe
C:\WINDOWS\vsnpstd3.exe
C:\PROGRA~1\Altnet\DOWNLO~1\ASM.exe


Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:

SigXC
P2P Networking
Altnet
BestOffers
- If it exists
My Search Bar or MyWay Speed Bar or My Web Bar

Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
02 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKCU\..\Run: [SigXC] C:\Program Files\SigXC\SigX.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\RunOnce: [BullguardoptIn] C:\WINDOWS\Temp\BullGuard\bulldownload.exe
O4 - HKCU\..\RunOnce: [RXToolBar] regsvr32 /s "C:\Program Files\RXToolBar\RXToolBar.dll"
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll


Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\Program Files\Need2Find\bar\
C:\PROGRA~1\INSTAF~1 - May present itself as "INSTAFIND"
C:\Program Files\RXToolBar
C:\Program Files\Altnet\Points Manager
C:\Program Files\SigXC
C:\Program Files\TBONBin
C:\Program Files\RXToolBar


*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups.

Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:

Click Options
Move the slider button down to Custom CleanUp!

Check the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
Uncheck the following :
  • Scan local drives for temporary files


Click OK, Press the CleanUp! button to start the program and reboot in Normal Mode when prompted.

Please do an online scan at Panda ActiveScan

  1. Click on the Scan your PC button & a pop up window shall appear. (Ensure that your pop up blocker doesn't block it)
  2. Click On Next
  3. Enter your e-mail address & click Send. (It will begin downloading Panda's ActiveX controls which are about 8MB in size)
  4. In the next window, & checkmark the following:
    • Disinfect automatically
    • Scan compressed files
    • Scan e-mail files
    • Detect unknown viruses (Heuristic)
    • Detect spyware
  5. Begin the scan by selecting All My Computer

    You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.

  6. If it finds any malware, it will offer you a report. Click on see report
  7. Then click Save report
  8. Post the contents of the report in your next reply

Please post a fresh Hijack This log together with the Panda scan log and Ewido report so that we can check if your system is clean.
 

·
Registered
Joined
·
57 Posts
Discussion Starter #3
Logfile of HijackThis v1.99.1
Scan saved at 5:50:36 PM, on 10/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126768388933
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Panda Report

Incident Status Location

Adware:adware/p2pnetworking No disinfected C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl
Adware:adware/twain-tech No disinfected C:\WINDOWS\smdat32a.sys
Spyware:spyware/altnet No disinfected C:\Documents and Settings\Daniel\Start Menu\Programs\Altnet
Spyware:spyware/cydoor No disinfected C:\WINDOWS\cdmxtras
Adware:adware/instafinder No disinfected Windows Registry
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Daniel\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-15328f0a.zip[InstallerApplet.class]
Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\system32\P2P Networking v126.cpl

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:10:43 PM, 10/12/2005
+ Report-Checksum: 5E8A0015

+ Scan result:

HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\ADM -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard\Settings -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard\Setup -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\Dashboard\Temp Internet Shares -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\DownloadManager -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\LocalFiles -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\TopSearch -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM.ADM.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM25.ADM25.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\ADM4.ADM4.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\adm.EXE\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{8B0FEF15-54DC-49F5-8377-8172DE975F75} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{99A8E2B2-3405-4C0D-9110-131C14CAAF62} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D3BCE37-7834-4579-8169-E67681420A98} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}\TypeLib\\ -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3646C2BD-3554-49CA-8125-44DEEFB881DE} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3f4d4f88-0198-4921-b630-957f3eb814e0} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\\AppID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E813099D-5529-47F4-9B37-4AFAFCB00A43} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\instafink.INSTAFINK -> Spyware.InstaFinder : Cleaned with backup
HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid -> Spyware.InstaFinder : Cleaned with backup
HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid\\ -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{258A3625-183B-4477-AEE2-EA54DF6D878D} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{258A3625-183B-4477-AEE2-EA54DF6D878D}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5} -> Spyware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{9D4548CE-92FD-4C6C-AE7F-3DBE3BC763D8} -> Spyware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{9D4548CE-92FD-4C6C-AE7F-3DBE3BC763D8}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{AD5BC1F0-72D8-44B3-8E3D-8E8FECCE43FB} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{AD5BC1F0-72D8-44B3-8E3D-8E8FECCE43FB}\ProxyStubClsid32\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438} -> Spyware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E813099D-5529-47F4-9B37-4AFAFCB00A43} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E813099D-5529-47F4-9B37-4AFAFCB00A43}\ProxyStubClsid32\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FB590D02-0A82-4F44-9FAD-517948DCF4F3}\TypeLib\\ -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo\CLSID -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo\CLSID\\ -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo\CurVer -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo.1 -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\RXToolBar.TBInfo.1\CLSID\\ -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\SigningModule.SigningModule.1\CLSID\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464} -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{676F6D1D-C559-42A9-860B-27C1477B7179} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{BFF4F684-677E-44F4-8C74-1D575C950E10} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar -> Spyware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1074 -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Spyware.Cydoor : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-1292428093-1606980848-1060284298-1003\Software\RX Toolbar -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Error during cleaning
[1392] C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL -> Spyware.404Search : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v4hagran.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Daniel\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Daniel\Cookies\[email protected][2].txt -> Spyware.Cookie.Mysearch : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temp\asmfiles.cab/asm.exe -> Spyware.Altnet : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temp\asmfiles.cab/asmps.dll -> Spyware.Altnet : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temp\p2psetup.exe -> Spyware.P2PNetworking : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\II1AOI3I\asmfiles[1].cab/asm.exe -> Spyware.Altnet : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\II1AOI3I\asmfiles[1].cab/asmps.dll -> Spyware.Altnet : Cleaned with backup
C:\Documents and Settings\Daniel\Local Settings\Temporary Internet Files\Content.IE5\V9NU3OHX\p2psetup[1].exe -> Spyware.P2PNetworking : Cleaned with backup
C:\Program Files\Altnet -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\DBBackup -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\DBBackup\Sigfiles.db -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\adm25.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\adm4.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\adm4005.exe -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\admdata.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\admdloader.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\admfdi.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\admprog.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\asm.exe -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\asmend.exe -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\asmps.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\dminfo3.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\dminstall7.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\dmsetup.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\dmsetupbig.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\jsinstall.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\jslegals.txt -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\selectdir.txt -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Download Manager\selectdir1st.txt -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\My Altnet Shares -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\altnet.css -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\gradient.gif -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\local_firstuse.html -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\local_points.html -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\local_redeem.html -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\local_start.html -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\local_wallet.html -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\notconnected.gif -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\offline.gif -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\LocalPages\pixel.gif -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Points Manager.exe -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Points Manager.exe.Manifest -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\settings.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\setup.cab -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\back-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\back.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\bottom.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\bottomleft.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\bottomright.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\close-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\close.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\forward-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\forward.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-bottom.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-top.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-topleft.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help-topright.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\help.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\Help.xml -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\left.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\maximise-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\maximise.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_bottom.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_bottomleft.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_bottomright.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_left.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_right.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_top.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_topleft.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\mb_topright.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\message.xml -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\minimise-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\minimise.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\points-disabled.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\points-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\points-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\points.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\redeem-disabled.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\redeem-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\redeem-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\redeem.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\refresh-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\refresh.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\right.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\Sav3BD.tmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\settings-disabled.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\settings-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\settings-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\settings.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\Skin.xml -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\start-disabled.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\start-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\start-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\start.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\top.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\topleft-pro.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\topleft-reg.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\topleft.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\topright.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\wallet-disabled.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\wallet-over.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\wallet-sel.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Skin\wallet.bmp -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\sysdetect.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Altnet\Points Manager\Temp Internet Shares -> Spyware.Altnet : Cleaned with backup
C:\Program Files\INSTAFINK -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\Cache -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\Cache\instafinktb0302.cfg -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\Cache\NewCfg -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\Cache\T12245.tmp -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\InstaFinderK_inst.exe -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\instafink.dll -> Spyware.404Search : Cleaned with backup
C:\Program Files\INSTAFINK\Uninstall.exe -> Spyware.404Search : Cleaned with backup
C:\Program Files\Kazaa\TopSearch.dll -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Need2Find -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\History -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\History\search -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Settings -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\RXToolBar -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\additional.gif -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\additional_active.gif -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\background.jpg -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\blue_hr_horz.GIF -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\gray_hr_horz.GIF -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\thumbtack.gif -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\thumbtack_active.gif -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\graphics\thumbtack_click.gif -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\HTML -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\HTML\content.htm -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\HTML\main.htm -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\RXToolBar.dll -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\sfcont.bin -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\RXToolBar\sfcont.dll -> Spyware.RXToolbar : Cleaned with backup
C:\Program Files\TBONBin\tbon.exe -> TrojanDownloader.Agent.vr : Cleaned with backup
C:\Program Files\TBONBin\Uninstall.exe -> TrojanDownloader.Agent.vr : Cleaned with backup
C:\Program Files\Uninstall Need2Find Bar.dll -> Spyware.MySearch : Cleaned with backup
C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_1_0_449200.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_1_0_454300.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Cleaned with backup
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0x0603ed7a28d516e0a4974b02fc1277ea.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10000-0xb6e3fdc669cab9a5ddd5442744c33b1e.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10001-107.sig -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\Temp\Adware\InstaFinderK_inst.exe -> Spyware.404Search.h : Cleaned with backup
C:\WINDOWS\Temp\Altnet -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\adm.exe -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\adm25.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\adm4.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\admdata.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\admprog.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\Atl.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\DMinfo3.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\dminstall7.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\Setup.cab -> Spyware.Altnet : Cleaned with backup
C:\WINDOWS\Temp\Altnet\Setup.exe -> Spyware.Altnet : Cleaned with backup


::Report End
 

·
Administrator
Joined
·
4,870 Posts
Hi Daniel

Just a little more wok to do. Download Killbox.

Copy the following file name to the clipboard by highlighting it and pressing Ctrl-C:

C:\Program Files\RXToolBar\sfcont.dll

Start KillBox then go to the File menu, and choose Paste from clipboard. Verify that you've done this properly by clicking the drop-down arrow next to the Full Path of File to Delete field. The filenames you pasted will be found in there. Select and check the following:

Delete on Reboot
End Explorer Shell While Killing File
Unregister.dll Before Deleting if it's not grayed out.

Click the RED X button.

Click [Yes] at the Delete on Reboot prompt. Click [No] at the Pending Operations prompt.

Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll

Please remember to close all other windows, including browsers then click Fix checked.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\cdmxtras


Reboot your system in Normal Mode.

Please do an online scan at Panda ActiveScan

  1. Click on the Scan your PC button & a pop up window shall appear. (Ensure that your pop up blocker doesn't block it)
  2. Click On Next
  3. Enter your e-mail address & click Send. (It will begin downloading Panda's ActiveX controls which are about 8MB in size)
  4. In the next window, & checkmark the following:
    • Disinfect automatically
    • Scan compressed files
    • Scan e-mail files
    • Detect unknown viruses (Heuristic)
    • Detect spyware
  5. Begin the scan by selecting All My Computer

    You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.

  6. If it finds any malware, it will offer you a report. Click on see report
  7. Then click Save report
  8. Post the contents of the report in your next reply

Please post a fresh Hijack This log together with the Panda scan log report so that we can check if your system is clean.
 

·
Registered
Joined
·
57 Posts
Discussion Starter #5
Horse i have a screenshot right here.About msconfig there are so many startup but i dont know it use anot so i want to disable it but i dont know which one should i disable.


----------------------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:42:17 AM, on 10/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126768388933
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Panda ActiveScan Report
Incident Status Location

Adware:adware/twain-tech No disinfected C:\WINDOWS\smdat32m.sys
Spyware:spyware/altnet No disinfected C:\Documents and Settings\Daniel\Start Menu\Programs\Altnet
Adware:adware/instafinder No disinfected Windows Registry
Adware:Adware/IST.ISTBar No disinfected C:\Documents and Settings\Daniel\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-15328f0a.zip[InstallerApplet.class]
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Delete this files/folder:

C:\Documents and Settings\Daniel\Start Menu\Programs\Altnet
C:\Documents and Settings\Daniel\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-15328f0a.zip



Then Killbox this file using the delete on reboot feature - C:\WINDOWS\smdat32m.sys


After you have done that, list down your PC specs. Tell me why you think it's slow.
 

·
Registered
Joined
·
57 Posts
Discussion Starter #7 (Edited)
@sUBs

I mean my PC slow because when i open thing it like lagging.And since horse helped me to clean my PC now i think ok already :smile: .sUBs Can help me see the screen shot that i just post ? About the startup.
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
If you're serious about freeing your system resources, these are programs you can disable via msconfig.



These are related to viewing East Asian languages. Not required if you dont need them

IMJPMIG8.1
MSPY2002
PHIME2002ASync
PHIME2002A
ctfmon.exe




These are related to your nvidia display card. I had mine disabled.

NvCplDaemon
nwiz
NvMediaCenter



These are a waste of resources:

snpstd3
SunJavaUpdateSched
LClock



This can be disabled via msconfig > services tab

ewido security suite control


Post a new HJT log after you have completed the above
 

·
Registered
Joined
·
57 Posts
Discussion Starter #9
30+ processes drop till 25 :smile:

-----------------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:28:57 PM, on 10/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126768388933
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Get Ad-aware to scan the machine & see if it finds anymore errant registry entries.

After that, run a reg utility like Reg Mechanic to clean up whatever orphaned entries it finds. Then have Reg Mechanic optimise & compact the registry.

With a smaller Registry, Windows will load easier.
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
I take it that you no longer have issues with your computer.

Let me know if it isn't so.
 
1 - 12 of 12 Posts
Status
Not open for further replies.
Top