[Alliana]

Well i finally got my personal computer hooked up to the internet again, and it needs some major cleanup. Spyware is everywhere! Here is the log...
___________________________

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.97.7
Scan saved at 4:28:06 PM, on 8/19/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/googlesidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.juyexznfuhwljdycc.com/We...lI_3Op/I1sEcLPeDOMvouBS7MaJVfmRrvKXll10v7.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pnuwitpwnankq.com/Weed6WXFMqTv478cqzbDY5MX6aPQXD9OYMH_JmGeAkg.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.dell4me.com/myway
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: US Class - {1FFED2CB-FC98-49f8-B3D0-678D03350F1E} - C:\WINDOWS\mscore.dll
O1 - Hosts: 216.130.185.143 websearch.com216.130.185.143 websearch.com216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {1451ED44-F13F-38BB-0958-AB8256A91709} - C:\WINDOWS\Huwhobhk.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A290CE6E-EFE5-3DE3-5C99-87DF6AB47E14} - C:\DOCUME~1\Amy\APPLIC~1\WIPEDA~1\bows delete.exe
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {F2C5973C-D5A6-7B06-3440-115D67D9E210} - C:\PROGRA~1\WIPEDA~1\bows delete.exe (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O3 - Toolbar: Search - {8CAC8672-D527-4510-C747-0AF9354F85E0} - C:\WINDOWS\Huwhobhk.dll
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [Adstartup] C:\WINDOWS\System32\automove.exe
O4 - HKLM\..\Run: [wovax] C:\WINDOWS\wovax.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [messfraggrimbias] C:\Documents and Settings\All Users\Application Data\helpbindmessfrag\elsewave.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [T1nk1c] C:\documents and settings\amy\local settings\temp\T1nk1c.exe
O4 - HKLM\..\Run: [Jawa322] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [waitforddumbbows] C:\Documents and Settings\All Users\Application Data\32 Does Wait Ford\idolbeep.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [GridThird] C:\DOCUME~1\Amy\APPLIC~1\MPEGMO~1\Objvgaatom.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) - http://members27.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - http://www.atelys.com/src/Speedup.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094077969140
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab


End of KRC HijackThis Analyzer Log.
====================================================================

 

[Ried]

Hi Alliana,

Please print out or copy this page to Notepad since you will not have any of browsers open while you are fixing this. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. Again, you should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

Download CleanUp! (Alternate Link if main link doesn't work) and install it. Do not run it yet.

Download Hoster http://www.greyknight17.com/spy/Hoster.exe and run it. Choose the 'Restore Original Hosts' button and press OK.

Please download and run the WebSearch removal tool. http://securityresponse.symantec.com/avcenter/FxWebsch.exe

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Make sure to close any open browsers.

Messenger Plus - this program comes with a sponsor program. Do remember if you installed that or not? If you don't remember, I suggest uninstalling and then reinstalling but make sure not to install the sponsor program.

Go into Hijack This->Config->Misc. Tools->Open process manager. Select the following and click “Kill process” for each one if they are still listed (they shouldn't be - but double check it):(You must kill them one at a time).

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

Messenger Plus! 3
WildTangent - This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all. They collect information about you and your usage. We recommend uninstalling it.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/googlesidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.juyexznfuhwljdycc.com/We...RrvKXll10v7.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pnuwitpwnankq.com/Weed6W...MH_JmGeAkg.html
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: US Class - {1FFED2CB-FC98-49f8-B3D0-678D03350F1E} - C:\WINDOWS\mscore.dll
O1 - Hosts: 216.130.185.143 websearch.com216.130.185.143 websearch.com216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.websearch.com
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {1451ED44-F13F-38BB-0958-AB8256A91709} - C:\WINDOWS\Huwhobhk.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {A290CE6E-EFE5-3DE3-5C99-87DF6AB47E14} - C:\DOCUME~1\Amy\APPLIC~1\WIPEDA~1\bows delete.exe
O3 - Toolbar: Search - {8CAC8672-D527-4510-C747-0AF9354F85E0} - C:\WINDOWS\Huwhobhk.dll
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [Adstartup] C:\WINDOWS\System32\automove.exe
O4 - HKLM\..\Run: [wovax] C:\WINDOWS\wovax.exe
O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [messfraggrimbias] C:\Documents and Settings\All Users\Application Data\helpbindmessfrag\elsewave.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [T1nk1c] C:\documents and settings\amy\local settings\temp\T1nk1c.exe
O4 - HKLM\..\Run: [Jawa322] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [waitforddumbbows] C:\Documents and Settings\All Users\Application Data\32 Does Wait Ford\idolbeep.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [GridThird] C:\DOCUME~1\Amy\APPLIC~1\MPEGMO~1\Objvgaatom.exe

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\Program Files\Messenger Plus! 3
C:\DOCUME~1\Amy\APPLIC~1
C:\Program Files\WildTangent
C:\WINDOWS\mscore.dll
C:\WINDOWS\Huwhobhk.dll
c:\installer
C:\WINDOWS\System32\automove.exe
C:\WINDOWS\wovax.exe
C:\WINDOWS\aqadcup.exe
C:\WINDOWS\jawa32.exe
C:\Documents and Settings\All Users\Application Data\helpbindmessfrag
C:\Documents and Settings\All Users\Application Data\32 Does Wait Ford

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
-Empty Recycle Bins
-Temporary Internet Files
-Delete Cookies
-Delete Prefetch files
]-[X]Scan local drives for temporary files [/b] (Please uncheck this option)
-Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Reboot into Normal Mode.

Perform an online scan with Internet Explorer with Panda ActiveScan - requires Internet Explorer

1. Click on the Scan your PC button & a 'pop up' window shall appear. * ensure that your pop up blocker doesn't block it
2. Click On 'Scan Now'
3. Enter your e-mail address & click 'Scan Now' ...begins downloading Panda's ActiveX controls.- 8MB
4. Begin the scan by selecting My Computer
   * You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
5. If it finds any malware, it will offer you a report. Click on see report
6. Then click Save report
7. Post the contents of the report in your next reply along with a new HijackThis log.

 

[Alliana]

Ok, I did everything you said.. here are the two logs:
______________________

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.97.7
Scan saved at 7:38:14 AM, on 8/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.dell4me.com/myway
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {F2C5973C-D5A6-7B06-3440-115D67D9E210} - C:\PROGRA~1\WIPEDA~1\bows delete.exe (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [T1nk1c.exe] C:\documents and settings\amy\local settings\temp\T1nk1c.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) - http://members27.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - http://www.atelys.com/src/Speedup.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094077969140
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab


End of KRC HijackThis Analyzer Log.
====================================================================



Incident Status Location

Adware:adware/tvmedia No disinfected C:\DOCUMENTS AND SETTINGS\AMY\APPLICATION DATA\tvmcwrd.dll
Adware:adware/adlogix No disinfected C:\WINDOWS\SYSTEM32\adupdmanager.xml
Adware:adware/transponder No disinfected C:\WINDOWS\SYSTEM32\c17b6s.dll
Spyware:spyware/betterinet No disinfected C:\WINDOWS\SYSTEM32\in10b6s.dll
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\javex80.vxd
Spyware:spyware/linkreplacer No disinfected C:\WINDOWS\SYSTEM32\lmdv.bin
Adware:adware/portalscan No disinfected C:\WINDOWS\SYSTEM32\SWin32.dll
Adware:adware/sahagent No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SAHUninstall_.exe
Adware:adware/topspyware No disinfected C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmplayer.exe.tmp
Adware:adware/comet No disinfected C:\WINDOWS\INF\CC_43.PNF
Adware:adware/lop No disinfected C:\PROGRAM FILES\C2Media
Adware:adware/myway No disinfected C:\PROGRAM FILES\MyWay
Adware:adware/wupd No disinfected C:\PROGRAM FILES\Windows SyncroAd
Adware:adware/bookedspace No disinfected C:\WINDOWS\bsx32
Spyware:spyware/clearsearch No disinfected Windows Registry
Virus:W32/Imagrayd.A.wom Disinfected C:\a.zip[Setup.exe]
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\Antepingstopjugs.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\czjrdyje.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\dztnzsqa.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\goehjlrh.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\jlaeedng.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\mnetswiu.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\nddjbhrx.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\Objvgaatom.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\regs real part.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\ulhawdgo.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-203.dll
Adware:Adware/BHO No disinfected C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-928.dll
Possible Virus. No disinfected C:\Documents and Settings\Amy\My Documents\Hanson\hanson\Hanson.exe
Possible Virus. No disinfected C:\Documents and Settings\Amy\My Documents\Hanson\hanson.zip[Hanson.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Documents and Settings\Amy\Shared\ Adobe Photoshop CS2 v9.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ Coach Carter -ftp fast-.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ System Shock 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\2 Beautiful Lesbians.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\2nd Speech Center 3.00.050818.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\3d Sex Villa Repacked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Title Buttons v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Transparent Window v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Guard v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Manager v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Menu v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Minimizer v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Rollup v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\AlbumPro 8.51.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Alias SketchBook Pro 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Alicia Rhodes & Her Big Perfect Tits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\All Home Inventory 1.3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\All-In-One Learn To Speak Foreign Langua.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\American Pie 1-2-3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Apollo DVD Copy v4.5.1..zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Asmw PC-Optimizer Pro 7.5.264.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Auto Power-on & Shut-down 1.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Auto Power-on and Shut-down 1.44.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Battlefield 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Big Tit ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Blade 3 - Trinity.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\BLOODRAYNE.2-DEViANCE.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Browser Sentinel v2.1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Button Studio 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Carmen Electra- Playboy DVD.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Chicago - Greatest Hits - 1982-1989.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\CodeSmith Professional 2.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Counter Strike Source.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Cubase.STEINBERG.SX.v3.0.2.623-FULL H2O-RELEASE!.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Dark Water.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Data Recovery Software All In One 7 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Deep Purple - Machine Head.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Delta Force.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Demons & Wizards - Touched By The Crimson.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\DJ Tiesto - Cream Amnesia.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\DJ Tiesto - Magik 6 Live in Amsterdam.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Dolly Parton - The Bluegrass Collectio.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FinePrint 5.41 Enterprise.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FinePrint pdfFactory Pro v2.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\First Alert Service Monitor v9.80.01.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Flash SWF to GIF AVI Converter 1.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FlashGet v1.70.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Fresh UI 7.41.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Gaim 1.5.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Gothika (2003).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Grand Theft Auto San Andreas.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Headsoft Clone Cleaner Pro 1.02.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Herb Alpert & The Tijuana Brass - Greatest Hits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\HiDownload 6.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Image To PDF 2.6.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Instant Message Grabber v2.3 Beta.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ISO Commander v1.6.031 RC2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Joint Operations Typhoon Rising.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Juiced.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kamasutra Hits 2005.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kaspersky Anti-Hacker v1.8.180.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kaylynn POV Blowjob.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kingdia DVD Ripper Pro v2.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Krystal First Time ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Lunar Strike.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Mechwarrior 4 Vengance.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\MetaProducts All-In-One 14 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Michael Ball - Always.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Michael Ball - Love Changes Everything.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Office Visio 2003.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft office XP Pro.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Office XP.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Plus! Digital Media Edition.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Virtual PC 2004.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\MP3 Tag Clinic v4.1.3.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Need For Speed Underground 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\NetSpeeder 3.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\NetSupport Manager 9.10.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Nicky Reed **** and Suck.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Nofeel FTP Server 3.0.2600.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Paris Hilton Sex Tape.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\pinnacle studio 9.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Platypus cracked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Prince of Persia 4D.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\RegFreeze 5.31.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\RockIt 2000 Pro DJ Software 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Rolling Stones - Black and Blue.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Service Record v5.4.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Sex 13 min Japanese girl.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SmartFTP v1.5.988.50.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SmartSoft Video Converter v2.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Sonic Dvdit Pro V6.0 Multilanguage.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SoundForge 8.0b Build 110.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Spy Emergency 2005 2.0.300.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Steganos Safe v8.0.5 WinAll Multilingual.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Style XP 3.13.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SWF Max 1.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Symantec Antivirus Corporate Edition v10.0.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tennis Titans v1.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Hitchhiker's Guide to the Galaxy (20.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Last Dragon.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Longest Yard (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Prince and Me.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Sixth Sense.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Topee CD Ripper 1.2.58.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tori Amos - Mix.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tori Amos Live - Miami-96.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Trance Voices Vol.16 (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Ulead DVD MovieFactory 4.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Van Morrison - Magic Time.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Vyapin Admin Report Kit for Internet Information Server 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Warez P2P 2.85 .zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WinAbility Folder Guard Pro v7.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Windows XP Media Center 2005 2CD ISO.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WinHex 12.35 SR-2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WINner Tweak 3.2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\World of Warcraft.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Xeru Image Converter 1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Xilisoft Audio Converter v2.0.36.809.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Zelda Classic.zip[Setup.exe]
Adware:Adware/Lop No disinfected C:\Program Files\C2Media\Setup.exe
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Setup.exe
Virus:Trj/Lemmy.C Disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\winupdates\winupdates.exe
Virus:W32/Imagrayd.A.wom Disinfected C:\s.tmp
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ Coach Carter -ftp fast-.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ System Shock 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\2 Beautiful Lesbians.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\2nd Speech Center 3.00.050818.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\3d Sex Villa Repacked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Title Buttons v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Transparent Window v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Guard v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Manager v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Menu v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Minimizer v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Rollup v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\AlbumPro 8.51.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Alias SketchBook Pro 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Alicia Rhodes & Her Big Perfect Tits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\All Home Inventory 1.3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\All-In-One Learn To Speak Foreign Langua.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\American Pie 1-2-3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Apollo DVD Copy v4.5.1..zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Asmw PC-Optimizer Pro 7.5.264.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Auto Power-on & Shut-down 1.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Auto Power-on and Shut-down 1.44.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Battlefield 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Big Tit ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Blade 3 - Trinity.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\BLOODRAYNE.2-DEViANCE.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Browser Sentinel v2.1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Button Studio 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Carmen Electra- Playboy DVD.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Chicago - Greatest Hits - 1982-1989.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\CodeSmith Professional 2.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Counter Strike Source.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Cubase.STEINBERG.SX.v3.0.2.623-FULL H2O-RELEASE!.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Dark Water.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Data Recovery Software All In One 7 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Deep Purple - Machine Head.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Delta Force.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Demons & Wizards - Touched By The Crimson.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\DJ Tiesto - Cream Amnesia.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\DJ Tiesto - Magik 6 Live in Amsterdam.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Dolly Parton - The Bluegrass Collectio.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FinePrint 5.41 Enterprise.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FinePrint pdfFactory Pro v2.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\First Alert Service Monitor v9.80.01.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Flash SWF to GIF AVI Converter 1.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FlashGet v1.70.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Fresh UI 7.41.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Gaim 1.5.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Gothika (2003).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Grand Theft Auto San Andreas.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Headsoft Clone Cleaner Pro 1.02.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Herb Alpert & The Tijuana Brass - Greatest Hits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\HiDownload 6.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Image To PDF 2.6.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Instant Message Grabber v2.3 Beta.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ISO Commander v1.6.031 RC2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Joint Operations Typhoon Rising.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Juiced.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kamasutra Hits 2005.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kaspersky Anti-Hacker v1.8.180.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kaylynn POV Blowjob.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kingdia DVD Ripper Pro v2.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Krystal First Time ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Lunar Strike.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Mechwarrior 4 Vengance.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\MetaProducts All-In-One 14 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Michael Ball - Always.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Michael Ball - Love Changes Everything.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Office Visio 2003.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft office XP Pro.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Office XP.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Plus! Digital Media Edition.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Virtual PC 2004.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\MP3 Tag Clinic v4.1.3.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Need For Speed Underground 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\NetSpeeder 3.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\NetSupport Manager 9.10.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Nicky Reed **** and Suck.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Nofeel FTP Server 3.0.2600.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Paris Hilton Sex Tape.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\pinnacle studio 9.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Platypus cracked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Prince of Persia 4D.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\RegFreeze 5.31.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\RockIt 2000 Pro DJ Software 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Rolling Stones - Black and Blue.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Service Record v5.4.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Sex 13 min Japanese girl.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SmartFTP v1.5.988.50.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SmartSoft Video Converter v2.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Sonic Dvdit Pro V6.0 Multilanguage.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SoundForge 8.0b Build 110.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Spy Emergency 2005 2.0.300.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Steganos Safe v8.0.5 WinAll Multilingual.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Style XP 3.13.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SWF Max 1.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Symantec Antivirus Corporate Edition v10.0.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tennis Titans v1.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Hitchhiker's Guide to the Galaxy (20.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Last Dragon.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Longest Yard (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Prince and Me.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Sixth Sense.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Topee CD Ripper 1.2.58.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tori Amos - Mix.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tori Amos Live - Miami-96.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Trance Voices Vol.16 (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Ulead DVD MovieFactory 4.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Van Morrison - Magic Time.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Vyapin Admin Report Kit for Internet Information Server 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Warez P2P 2.85 .zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WinAbility Folder Guard Pro v7.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Windows XP Media Center 2005 2CD ISO.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WinHex 12.35 SR-2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WINner Tweak 3.2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\World of Warcraft.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Xeru Image Converter 1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Xilisoft Audio Converter v2.0.36.809.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Zelda Classic.zip[Setup.exe]
Adware:Adware/Popuper No disinfected C:\WINDOWS\bevdev.exe_
Adware:Adware/MyDailyHoroscopeNo disinfected C:\WINDOWS\bundles\setup_silent_14725.exe
Virus:Trj/Downloader.MO Disinfected C:\WINDOWS\Downloaded Program Files\default.inf
Possible Virus. No disinfected C:\WINDOWS\Hanson.scr
Spyware:Spyware/ISTbar No disinfected C:\WINDOWS\SYSTEM32\istinstall_adlogix.exe
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\SYSTEM32\javex80.vxd[nls.exe]
Spyware:Spyware/LinkReplacer No disinfected C:\WINDOWS\SYSTEM32\lmf32v.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[bb_welcome.html]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[icon.gif]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[cashback.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[cb.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[flash.exe]
Adware:Adware/AdLogix No disinfected C:\WINDOWS\SYSTEM32\SWin32.dll
Adware:Adware/AdLogix No disinfected C:\WINDOWS\SYSTEM32\trans.exe
Possible Virus. No disinfected C:\WINDOWS\Temp\ASHeuristic\Hanson.exe.vir
Possible Virus. No disinfected C:\WINDOWS\Temp\ASHeuristic\Hanson.scr.vir

 

[Alliana]

Ok, I did everything you said.. here are the two logs:
______________________

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.97.7
Scan saved at 7:38:14 AM, on 8/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.dell4me.com/myway
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {F2C5973C-D5A6-7B06-3440-115D67D9E210} - C:\PROGRA~1\WIPEDA~1\bows delete.exe (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [T1nk1c.exe] C:\documents and settings\amy\local settings\temp\T1nk1c.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) - http://members27.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - http://www.atelys.com/src/Speedup.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094077969140
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab


End of KRC HijackThis Analyzer Log.
====================================================================



Incident Status Location

Adware:adware/tvmedia No disinfected C:\DOCUMENTS AND SETTINGS\AMY\APPLICATION DATA\tvmcwrd.dll
Adware:adware/adlogix No disinfected C:\WINDOWS\SYSTEM32\adupdmanager.xml
Adware:adware/transponder No disinfected C:\WINDOWS\SYSTEM32\c17b6s.dll
Spyware:spyware/betterinet No disinfected C:\WINDOWS\SYSTEM32\in10b6s.dll
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\javex80.vxd
Spyware:spyware/linkreplacer No disinfected C:\WINDOWS\SYSTEM32\lmdv.bin
Adware:adware/portalscan No disinfected C:\WINDOWS\SYSTEM32\SWin32.dll
Adware:adware/sahagent No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SAHUninstall_.exe
Adware:adware/topspyware No disinfected C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmplayer.exe.tmp
Adware:adware/comet No disinfected C:\WINDOWS\INF\CC_43.PNF
Adware:adware/lop No disinfected C:\PROGRAM FILES\C2Media
Adware:adware/myway No disinfected C:\PROGRAM FILES\MyWay
Adware:adware/wupd No disinfected C:\PROGRAM FILES\Windows SyncroAd
Adware:adware/bookedspace No disinfected C:\WINDOWS\bsx32
Spyware:spyware/clearsearch No disinfected Windows Registry
Virus:W32/Imagrayd.A.wom Disinfected C:\a.zip[Setup.exe]
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\Antepingstopjugs.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\czjrdyje.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\dztnzsqa.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\goehjlrh.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\jlaeedng.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\mnetswiu.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\nddjbhrx.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\Objvgaatom.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\regs real part.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\Application Data\Mpegmodesave\ulhawdgo.exe
Adware:Adware/Lop No disinfected C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-203.dll
Adware:Adware/BHO No disinfected C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-928.dll
Possible Virus. No disinfected C:\Documents and Settings\Amy\My Documents\Hanson\hanson\Hanson.exe
Possible Virus. No disinfected C:\Documents and Settings\Amy\My Documents\Hanson\hanson.zip[Hanson.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Documents and Settings\Amy\Shared\ Adobe Photoshop CS2 v9.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ Coach Carter -ftp fast-.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ System Shock 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\2 Beautiful Lesbians.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\2nd Speech Center 3.00.050818.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\3d Sex Villa Repacked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Title Buttons v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Transparent Window v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Guard v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Manager v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Menu v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Minimizer v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Actual Window Rollup v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\AlbumPro 8.51.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Alias SketchBook Pro 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Alicia Rhodes & Her Big Perfect Tits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\All Home Inventory 1.3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\All-In-One Learn To Speak Foreign Langua.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\American Pie 1-2-3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Apollo DVD Copy v4.5.1..zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Asmw PC-Optimizer Pro 7.5.264.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Auto Power-on & Shut-down 1.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Auto Power-on and Shut-down 1.44.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Battlefield 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Big Tit ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Blade 3 - Trinity.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\BLOODRAYNE.2-DEViANCE.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Browser Sentinel v2.1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Button Studio 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Carmen Electra- Playboy DVD.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Chicago - Greatest Hits - 1982-1989.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\CodeSmith Professional 2.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Counter Strike Source.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Cubase.STEINBERG.SX.v3.0.2.623-FULL H2O-RELEASE!.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Dark Water.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Data Recovery Software All In One 7 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Deep Purple - Machine Head.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Delta Force.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Demons & Wizards - Touched By The Crimson.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\DJ Tiesto - Cream Amnesia.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\DJ Tiesto - Magik 6 Live in Amsterdam.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Dolly Parton - The Bluegrass Collectio.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FinePrint 5.41 Enterprise.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FinePrint pdfFactory Pro v2.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\First Alert Service Monitor v9.80.01.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Flash SWF to GIF AVI Converter 1.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\FlashGet v1.70.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Fresh UI 7.41.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Gaim 1.5.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Gothika (2003).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Grand Theft Auto San Andreas.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Headsoft Clone Cleaner Pro 1.02.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Herb Alpert & The Tijuana Brass - Greatest Hits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\HiDownload 6.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Image To PDF 2.6.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Instant Message Grabber v2.3 Beta.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\ISO Commander v1.6.031 RC2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Joint Operations Typhoon Rising.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Juiced.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kamasutra Hits 2005.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kaspersky Anti-Hacker v1.8.180.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kaylynn POV Blowjob.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Kingdia DVD Ripper Pro v2.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Krystal First Time ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Lunar Strike.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Mechwarrior 4 Vengance.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\MetaProducts All-In-One 14 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Michael Ball - Always.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Michael Ball - Love Changes Everything.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Office Visio 2003.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft office XP Pro.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Office XP.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Plus! Digital Media Edition.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Microsoft Virtual PC 2004.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\MP3 Tag Clinic v4.1.3.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Need For Speed Underground 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\NetSpeeder 3.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\NetSupport Manager 9.10.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Nicky Reed **** and Suck.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Nofeel FTP Server 3.0.2600.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Paris Hilton Sex Tape.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\pinnacle studio 9.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Platypus cracked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Prince of Persia 4D.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\RegFreeze 5.31.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\RockIt 2000 Pro DJ Software 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Rolling Stones - Black and Blue.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Service Record v5.4.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Sex 13 min Japanese girl.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SmartFTP v1.5.988.50.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SmartSoft Video Converter v2.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Sonic Dvdit Pro V6.0 Multilanguage.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SoundForge 8.0b Build 110.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Spy Emergency 2005 2.0.300.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Steganos Safe v8.0.5 WinAll Multilingual.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Style XP 3.13.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\SWF Max 1.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Symantec Antivirus Corporate Edition v10.0.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tennis Titans v1.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Hitchhiker's Guide to the Galaxy (20.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Last Dragon.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Longest Yard (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Prince and Me.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\The Sixth Sense.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Topee CD Ripper 1.2.58.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tori Amos - Mix.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Tori Amos Live - Miami-96.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Trance Voices Vol.16 (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Ulead DVD MovieFactory 4.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Van Morrison - Magic Time.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Vyapin Admin Report Kit for Internet Information Server 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Warez P2P 2.85 .zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WinAbility Folder Guard Pro v7.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Windows XP Media Center 2005 2CD ISO.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WinHex 12.35 SR-2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\WINner Tweak 3.2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\World of Warcraft.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Xeru Image Converter 1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Xilisoft Audio Converter v2.0.36.809.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Ares\My Shared Folder\Zelda Classic.zip[Setup.exe]
Adware:Adware/Lop No disinfected C:\Program Files\C2Media\Setup.exe
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL
Adware:Adware/MyWay No disinfected C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\Setup.exe
Virus:Trj/Lemmy.C Disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Virus:W32/Imagrayd.A.wom Disinfected C:\Program Files\winupdates\winupdates.exe
Virus:W32/Imagrayd.A.wom Disinfected C:\s.tmp
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ Coach Carter -ftp fast-.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ System Shock 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\2 Beautiful Lesbians.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\2nd Speech Center 3.00.050818.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\3d Sex Villa Repacked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Title Buttons v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Transparent Window v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Guard v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Manager v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Menu v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Minimizer v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Actual Window Rollup v3.7.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\AlbumPro 8.51.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Alias SketchBook Pro 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Alicia Rhodes & Her Big Perfect Tits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\All Home Inventory 1.3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\All-In-One Learn To Speak Foreign Langua.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\American Pie 1-2-3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Apollo DVD Copy v4.5.1..zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Asmw PC-Optimizer Pro 7.5.264.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Auto Power-on & Shut-down 1.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Auto Power-on and Shut-down 1.44.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Battlefield 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Big Tit ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Blade 3 - Trinity.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\BLOODRAYNE.2-DEViANCE.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Browser Sentinel v2.1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Button Studio 2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Carmen Electra- Playboy DVD.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Chicago - Greatest Hits - 1982-1989.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\CodeSmith Professional 2.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Counter Strike Source.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Cubase.STEINBERG.SX.v3.0.2.623-FULL H2O-RELEASE!.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Dark Water.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Data Recovery Software All In One 7 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Deep Purple - Machine Head.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Delta Force.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Demons & Wizards - Touched By The Crimson.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\DJ Tiesto - Cream Amnesia.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\DJ Tiesto - Magik 6 Live in Amsterdam.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Dolly Parton - The Bluegrass Collectio.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FinePrint 5.41 Enterprise.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FinePrint pdfFactory Pro v2.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\First Alert Service Monitor v9.80.01.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Flash SWF to GIF AVI Converter 1.43.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\FlashGet v1.70.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Fresh UI 7.41.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Gaim 1.5.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Gothika (2003).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Grand Theft Auto San Andreas.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Headsoft Clone Cleaner Pro 1.02.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Herb Alpert & The Tijuana Brass - Greatest Hits.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\HiDownload 6.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Image To PDF 2.6.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Instant Message Grabber v2.3 Beta.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\ISO Commander v1.6.031 RC2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Joint Operations Typhoon Rising.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Juiced.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kamasutra Hits 2005.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kaspersky Anti-Hacker v1.8.180.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kaylynn POV Blowjob.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Kingdia DVD Ripper Pro v2.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Krystal First Time ****.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Lunar Strike.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Mechwarrior 4 Vengance.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\MetaProducts All-In-One 14 in 1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Michael Ball - Always.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Michael Ball - Love Changes Everything.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Office Visio 2003.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft office XP Pro.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Office XP.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Plus! Digital Media Edition.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Microsoft Virtual PC 2004.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\MP3 Tag Clinic v4.1.3.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Need For Speed Underground 2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\NetSpeeder 3.52.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\NetSupport Manager 9.10.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Nicky Reed **** and Suck.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Nofeel FTP Server 3.0.2600.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Paris Hilton Sex Tape.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\pinnacle studio 9.4.3.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Platypus cracked.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Prince of Persia 4D.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\RegFreeze 5.31.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\RockIt 2000 Pro DJ Software 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Rolling Stones - Black and Blue.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Service Record v5.4.8.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Sex 13 min Japanese girl.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SmartFTP v1.5.988.50.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SmartSoft Video Converter v2.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Sonic Dvdit Pro V6.0 Multilanguage.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SoundForge 8.0b Build 110.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Spy Emergency 2005 2.0.300.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Steganos Safe v8.0.5 WinAll Multilingual.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Style XP 3.13.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\SWF Max 1.4.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Symantec Antivirus Corporate Edition v10.0.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tennis Titans v1.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Hitchhiker's Guide to the Galaxy (20.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Last Dragon.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Longest Yard (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Prince and Me.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\The Sixth Sense.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Topee CD Ripper 1.2.58.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tori Amos - Mix.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Tori Amos Live - Miami-96.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Trance Voices Vol.16 (2005).zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Ulead DVD MovieFactory 4.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Van Morrison - Magic Time.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Vyapin Admin Report Kit for Internet Information Server 3.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Warez P2P 2.85 .zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WinAbility Folder Guard Pro v7.6.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Windows XP Media Center 2005 2CD ISO.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WinHex 12.35 SR-2.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\WINner Tweak 3.2.0.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\World of Warcraft.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Xeru Image Converter 1.1.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Xilisoft Audio Converter v2.0.36.809.zip[Setup.exe]
Virus:W32/Imagrayd.A.wom Disinfected C:\Uploads\Zelda Classic.zip[Setup.exe]
Adware:Adware/Popuper No disinfected C:\WINDOWS\bevdev.exe_
Adware:Adware/MyDailyHoroscopeNo disinfected C:\WINDOWS\bundles\setup_silent_14725.exe
Virus:Trj/Downloader.MO Disinfected C:\WINDOWS\Downloaded Program Files\default.inf
Possible Virus. No disinfected C:\WINDOWS\Hanson.scr
Spyware:Spyware/ISTbar No disinfected C:\WINDOWS\SYSTEM32\istinstall_adlogix.exe
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\SYSTEM32\javex80.vxd[nls.exe]
Spyware:Spyware/LinkReplacer No disinfected C:\WINDOWS\SYSTEM32\lmf32v.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[bb_welcome.html]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[icon.gif]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[cashback.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[cb.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\SYSTEM32\psis80ex.ax[flash.exe]
Adware:Adware/AdLogix No disinfected C:\WINDOWS\SYSTEM32\SWin32.dll
Adware:Adware/AdLogix No disinfected C:\WINDOWS\SYSTEM32\trans.exe
Possible Virus. No disinfected C:\WINDOWS\Temp\ASHeuristic\Hanson.exe.vir
Possible Virus. No disinfected C:\WINDOWS\Temp\ASHeuristic\Hanson.scr.vir

 

[Alliana]

Just wanted to make sure this works... my reply doesn't seem to be showing up.

 

[greyknight17]

As you can see, you have downloaded many worms and viruses from Ares. My suggestion is to stop downloading any games or other media data from Ares. You're only going to get yourself back here again very soon.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Download KillBox http://www.greyknight17.com/spy/KillBox.exe. Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. Copy the below files and go back to KillBox. Go to File->Paste from Clipboard and then hit the button with a red circle and white X. Confirm to delete and when asked if you want to reboot, say no:

C:\DOCUMENTS AND SETTINGS\AMY\APPLICATION DATA\tvmcwrd.dll
C:\WINDOWS\SYSTEM32\adupdmanager.xml
C:\WINDOWS\SYSTEM32\c17b6s.dll
C:\WINDOWS\SYSTEM32\in10b6s.dll
C:\WINDOWS\SYSTEM32\javex80.vxd
C:\WINDOWS\SYSTEM32\lmdv.bin
C:\WINDOWS\SYSTEM32\SWin32.dll
C:\WINDOWS\DOWNLOADED PROGRAM FILES\SAHUninstall_.exe
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmplayer.exe.tmp
C:\WINDOWS\INF\CC_43.PNF
C:\a.zip
C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-203.dll
C:\Documents and Settings\Amy\My Documents\Downloaded Programs\hijackthis\backup-20050820-224026-928.dll
C:\Documents and Settings\Amy\My Documents\Hanson\hanson\Hanson.exe
C:\Documents and Settings\Amy\My Documents\Hanson\hanson.zip
C:\WINDOWS\bevdev.exe_
C:\WINDOWS\Hanson.scr
C:\WINDOWS\SYSTEM32\istinstall_adlogix.exe
C:\WINDOWS\SYSTEM32\lmf32v.dll
C:\WINDOWS\SYSTEM32\psis80ex.ax
C:\WINDOWS\SYSTEM32\trans.exe

Delete these folders if found:

C:\Documents and Settings\Amy\Application Data\Mpegmodesave\
C:\PROGRAM FILES\C2Media\
C:\PROGRAM FILES\MyWay\
C:\PROGRAM FILES\Windows SyncroAd\
C:\WINDOWS\bundles\
C:\WINDOWS\bsx32

Restart your computer.

You have an outdated version of HijackThis. Download the newest version at http://www.greyknight17.com/spy/HijackThis.exe and run it.

Before you give us a new log here, if we gave you instructions for a fix, please do the fixes first and then post the new log with this updated version.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the HijackThis log here.

 

[Alliana]

I keep trying to download the new version of hijackthis from your link, but whenever i do it gives my computer a virus...

What should i do?

 

[Ried]

Can you explain what you mean by "it gives you a virus"?

Try this link:

Please click on the link below to download the latest version:

• HiJackThis_sfx.exe

1. Delete your current HiJackThis.exe file
2. Double-click on the file you just downloaded.
3. Click on the "Unzip" button to install the newer version.
4. It will by default install to the directory - C:\Program Files\HiJackThis\

 

[Alliana]

Yeah, it did the same thing with this link to. When I try to download it, this message pops up from my anti-virus program:

 

[Ried]

If you haven't already, please proceed with the fixes greyknight17 gave you and try again to download HijackThis.

If P2Pworm is still detected by McAfee when you try to download it, please do the following:

Please empty any Quarantine folder in your antivirus program and purge all recovery items in the Spybot program (if you use it) before running this tool.

Download the Mwav virus checker at http://www.mwti.net/antivirus/mwav.asp (Use Link 3)

1. Save it to a folder.
2. Reboot into Safe Mode.
3. Double click the Mwav.exe file. This is a stand alone tool and NOT just a virus checker......so it won't install anything.
4. Select all local drives, scan all files, and press SCAN. When it is completed, anything found will be displayed in the lower pane.
5. In the Virus Log Information Pane......
Left click and highlight all the information in the Lower pane --- Use CTRL C on your keyboard to copy everything found in the lower pane and save it to a notepad file
*Note* If prompted that a virus was found and you need to purchase the product to remove the malware, just close out the prompt and let it continue scanning. We are not going to use this to remove anything...but to ID the bad files.

Once you copy that to a Notepad file...highlight the text and copy it here.

Do you have another computer you can use to download HijackThis and transfer to this PC? It will fit on a floppy.