Do I need zcom_ad
hog98
Newbie
26. August 2006 @ 17:11
When I shut down windows, I get a popup screen titled zcom_ad. What's up with that? Do I need it? I'm on a slow phone line running Netzero. I use the internet to view my emails and do some surfing and that's about it. Below is my HjT log file. Anyone see anything wrong?
Logfile of HijackThis v1.99.1
Scan saved at 8:39:40 PM, on 8/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINNT\System32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\Logitech\iTouch\iTouch.exe
C:\WINNT\system32\pctspk.exe
C:\WINNT\system32\PV92Tray.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINNT\System32\HPHipm11.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hjt\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.netzero.net/s/sp?r=al&cf=sp&mem=gatorplace&login=d07326...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.amazingdietpatches.com;*.casalemedia.com;*.clickagents.com;*.consumerincentivepromotions.com;*.expedia.com;*.kanoodle.com;*.netzero.net;*.offeroptimizer.com;*.oinadserve.com;*.orexis.com;*.overture.com;*.realmedia.com;*.rn11.com;*.tmsquared.com;*.yoursmartrewards.com;*.zedo.com;64.136.29.30;64.136.21.30;64.136.29.34;amazingdietpatches.com;casalemedia.com;clickagents.com;consumerincentivepromotions.com;expedia.com;kanoodle.com;netzero.net;offeroptimizer.com;oinadserve.com;orexis.com;overture.com;realmedia.com;rn11.com;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com;*.prod.untd.com;tmsquared.com;yoursmartrewards.com;zedo.com;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\fwxxxusn.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: (no name) - {AD05DCB9-2E19-88A3-BD62-593712D7D089} - C:\WINNT\system32\appqh32.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINNT\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\RunOnce: [untd_recovery] "C:\Program Files\NetZero\qsacc\x1exec.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 64.136.28.120 64.136.20.120
O17 - HKLM\System\CS1\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 205.171.3.65 205.171.2.65
O17 - HKLM\System\CS2\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 64.136.28.120 64.136.20.120
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINNT\System32\HPHipm11.exe
Senior Member
26. August 2006 @ 18:31
Go here http://free.grisoft.com/doc/1 and download Ewido.
Install and update.
Restart your computer in safe mode (press F8 upon boot, select "Safe Mode" from menu).
Run a full scan with Ewido.
When scanning is finished, set all items to delete and click apply all actions.
Save a log file!
Restart in normal mode.
Post back with a new HijackThis log and the Ewido log.
hog98
Newbie
27. August 2006 @ 17:20
Niobis,
Ok, I downloaded Ewido and followed your instructions. Below are the HijackThis log and Ewido report. (I hope the Ewido report is what you needed. It is very large.) I did not see an Ewido log to copy.
If there are changes I have to make please provide step-by-step instructions. I'm not that good at this stuff. Sorry.
If there is anything in the reports which deals with the "about:blank", I need to remove that too. My CPU is running slower now than before these two issues infected it.
Thanks for any help you can provide,
Hog98
Logfile of HijackThis v1.99.1
Scan saved at 8:59:52 PM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINNT\System32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\Logitech\iTouch\iTouch.exe
C:\WINNT\system32\pctspk.exe
C:\WINNT\system32\PV92Tray.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINNT\system32\wscntfy.exe
C:\WINNT\System32\HPHipm11.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hjt\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.netzero.net/s/sp?r=al&cf=sp&mem=gatorplace&login=d07326...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.amazingdietpatches.com;*.casalemedia.com;*.clickagents.com;*.consumerincentivepromotions.com;*.expedia.com;*.kanoodle.com;*.netzero.net;*.offeroptimizer.com;*.oinadserve.com;*.orexis.com;*.overture.com;*.realmedia.com;*.rn11.com;*.tmsquared.com;*.yoursmartrewards.com;*.zedo.com;64.136.29.30;64.136.21.30;64.136.29.34;amazingdietpatches.com;casalemedia.com;clickagents.com;consumerincentivepromotions.com;expedia.com;kanoodle.com;netzero.net;offeroptimizer.com;oinadserve.com;orexis.com;overture.com;realmedia.com;rn11.com;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com;*.prod.untd.com;tmsquared.com;yoursmartrewards.com;zedo.com;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\fwxxxusn.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: (no name) - {AD05DCB9-2E19-88A3-BD62-593712D7D089} - C:\WINNT\system32\appqh32.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINNT\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\RunOnce: [untd_recovery] "C:\Program Files\NetZero\qsacc\x1exec.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\System32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 64.136.20.121 64.136.28.121
O17 - HKLM\System\CS1\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 205.171.3.65 205.171.2.65
O17 - HKLM\System\CS2\Services\Tcpip\..\{1855A12E-4A9E-421C-81BD-89206D2FE8F3}: NameServer = 64.136.20.121 64.136.28.121
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINNT\System32\HPHipm11.exe
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:42:19 PM 8/27/2006
+ Scan result:
C:\Documents and Settings\Owner\Local Settings\Temp\THI6C6B.tmp\pynix.cab/polall1p.exe -> Adware.BetterInternet : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\THI6C6B.tmp\pynix.cab/Pynix.dll -> Adware.BiSpy : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{01394D83-DF3D-3A0E-A258-1A733995AD98} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{01789791-5DA5-E2E1-655E-B7C515B49D81} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{03FF7663-C35E-6699-5A28-2CF30D6E3BE5} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{08460DA7-3C2B-3C21-9883-34880E388D10} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{0DC9341C-5589-9EFD-745C-C14B294022FF} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{146C8A66-A94A-54BB-A69B-93363DD26286} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{15FA0F4D-480D-83DC-C92D-44F99FD62903} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{166CDEFE-E88F-C410-5454-34602088172B} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{177D8DED-3389-6538-A987-C086D0210C15} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{193FF3B5-F2EC-7143-05A3-086AA5519855} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{1C57D9B3-3087-A139-1C5E-BB570B544CC0} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{1C94BC71-9782-E435-E986-069D46C89255} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{235090AC-C72A-5655-0AD6-3F3C44EDBEFB} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{260F1BAC-4546-66EB-0788-80A8D4A06ED0} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{292D86A4-74E4-75DB-372B-ADBFB2C0AAE7} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{2CEC0869-5C29-E428-D833-3B9B2A8977DD} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{33899E0A-3F62-AEAA-C241-60E4EC0DB1AC} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{366CA0B2-BB10-16B0-C70C-6457401C3A3D} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{3CA144E3-3EDF-5E8A-4A55-C2E5F481CD1E} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{44C0E523-5AC2-5B62-7CF1-D4088D32F80A} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{4A515210-1CD0-C708-D58B-235E88247714} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{4A9C09E1-BE38-5B61-F6B0-FC8C4F9B1F4B} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{52FBD3DB-FC5A-BD59-EB5A-4D906DF6C968} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{5E32CDBD-DE16-35E9-F83E-6345429FD0E2} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{60F1B77A-C063-6009-D43A-9B05BA99FEAB} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{6102D9E3-411C-B2D7-6CEB-7E1F3F3B846F} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{6D2538D0-4696-0060-7F97-004E367C3C7F} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{6F450786-4787-A44D-CDD4-0CE738C6A513} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{71F6EF32-C681-46A3-ED09-19B4CE9875AA} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{78BA4201-3544-F490-1037-A0AC2A41B6C8} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{7FDF69C0-D9FD-9D48-7DA9-32F1C5E64B19} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{8430846B-8A81-CE71-E16C-22A97EFCBE41} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{8F6EFF6D-66EE-DB11-7404-87844D56D6E1} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{8F81986D-802E-D9AA-0FD3-B0937653C654} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{9406510C-9A92-6906-0843-F5671E7AA181} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{99ED8EAB-6FE0-F8B8-4CD0-FEB826314566} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{A42792DB-84B3-2629-D920-47DC8978768F} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{B1E9261D-EF1C-0DCD-3B09-A8CBB602CDF7} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{BCE8BE5B-0CE8-5679-7126-794292C14490} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{BE66A9C1-10FA-86F9-D013-9C177FD23477} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{C1BE0CB4-0D9B-2B4C-F9AA-F3E4FB11C9AF} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{C477A645-EF58-D2AA-35D1-783C7D6D4C8B} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{C5E372CD-45A2-3B6F-E7F0-487650BC242B} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{D1705B99-FC99-2629-58CD-0897A0154904} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{DA991481-89B4-0B26-9C54-3A2FD8525D10} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{DBD497A0-51DB-5718-A5FE-1982103CA3A1} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{DC0E2D8F-285B-98A6-1EFF-E94EDB01C121} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{DFB2AA15-E401-4849-EC8D-09D78BFC8D4A} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{E558C92A-26ED-983A-0F8B-64C91ED05AE9} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{EE44066D-FBD9-877A-06D0-AC8EAF7557D9} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{F31513BE-7500-064A-DA14-8520ADF3C68E} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{F318EC0A-5201-D9AB-E630-55ADC69D633C} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FB01DEFA-EBAA-E09F-EB9C-39C2D57678D3} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FB070AAE-B9E2-74B0-C055-D4E11738D2AD} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FBD61D26-207A-2CEA-35F1-42853BFD0CEB} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FC41D24D-B315-464B-49FD-7739B7BB7D83} -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FC5F2570-5122-BE3A-0585-BC958ED5E461} -> Adware.CoolWebSearch : Cleaned.
HKU\.DEFAULT\Software\intexp -> Adware.IEPlugin : Cleaned.
HKU\.DEFAULT\Software\intexp\Config -> Adware.IEPlugin : Cleaned.
HKU\.DEFAULT\Software\intexp\MyFileSystem2 -> Adware.IEPlugin : Cleaned.
HKU\S-1-5-18\Software\intexp -> Adware.IEPlugin : Cleaned.
HKU\S-1-5-18\Software\intexp\Config -> Adware.IEPlugin : Cleaned.
HKU\S-1-5-18\Software\intexp\MyFileSystem2 -> Adware.IEPlugin : Cleaned.
C:\Documents and Settings\Owner\Application Data\dees.exe -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP801\A0214636.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP835\A0214757.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP837\A0214769.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP840\A0214835.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP842\A0214854.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP847\A0214887.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP848\A0214913.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP854\A0215358.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP855\A0215371.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP859\A0215423.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP859\A0215604.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP868\A0215645.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\WINNT\KB825119.log:rjbfka -> Adware.SearchPage : Cleaned.
C:\WINNT\SYSINI.QTW:dkpfwj -> Adware.SearchPage : Cleaned.
C:\WINNT\Sti_Trace.log:voqrgy -> Adware.SearchPage : Cleaned.
C:\WINNT\iTouch.ini:vqzewi -> Adware.SearchPage : Cleaned.
C:\WINNT\wmsetup.log:oclnzx -> Adware.SearchPage : Cleaned.
C:\WINNT\yzibg.dat:wlkpkj -> Adware.SearchPage : Cleaned.
C:\WINNT\{00000002-00000000-0000000C-00001102-00000004-00581102}.CDF:jktddp -> Adware.SearchPage : Cleaned.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QRKXINQP\bridge-c9[1].cab/SyncroAdX.dll -> Adware.WinAD : Cleaned.
C:\WINNT\system32\spoolsc -> Backdoor.Wootbot : Cleaned.
C:\WINNT\BEFFIGO.ini:ezfpc -> Downloader.Agent.bc : Cleaned.
C:\WINNT\FNTALIAS.INI:wkgygv -> Downloader.Agent.bc : Cleaned.
C:\WINNT\KB824141.log:abgou -> Downloader.Agent.bc : Cleaned.
C:\WINNT\KB886185.log:vzyxf -> Downloader.Agent.bc : Cleaned.
C:\WINNT\KB891781.log:hwllc -> Downloader.Agent.bc : Cleaned.
C:\WINNT\Q317277.log:zhufyi -> Downloader.Agent.bc : Cleaned.
C:\WINNT\Q324380.log:bnqpp -> Downloader.Agent.bc : Cleaned.
C:\WINNT\Rhododendron.bmp:qujcm -> Downloader.Agent.bc : Cleaned.
C:\WINNT\Run32A50.mch:llkvba -> Downloader.Agent.bc : Cleaned.
C:\WINNT\iehq.dll -> Downloader.Agent.bc : Cleaned.
C:\WINNT\n_hcxckg.dat -> Downloader.Agent.bc : Cleaned.
C:\WINNT\n_ngapvj.log -> Downloader.Agent.bc : Cleaned.
C:\WINNT\sdkhq32.dll -> Downloader.Agent.bc : Cleaned.
C:\WINNT\system32\msjd32.dll -> Downloader.Agent.bc : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\03149E83-58CC-4729-89D0-5C1AAE -> Downloader.Agent.bq : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\111AD26B-9CC2-4CA0-BBAA-8692C8 -> Downloader.Agent.bq : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\189E9037-1424-405A-ADF6-328CAB -> Downloader.Agent.bq : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\1BE5F6D5-65B7-4587-B786-67A9A5 -> Downloader.Agent.bq : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\1FD3C2D8-3026-4E86-AF29-6D8472 -> Downloader.Agent.bq : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\539107B1-D974-499C-8CCC-FFAE3E\235BB3C5-BFDD-4DC7-A13E-E5A5F4 -> Downloader.Agent.bq : Cleaned.
::Report end
Senior Member
30. August 2006 @ 00:59
Sorry for the late reply!
Run a scan only with HijackThis, check to fix these.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.amazingdietpatches.com;*.casalemedia.com;*.clickagents.com;*.consumerincentivepromotions.com;*.expedia.com;*.kanoodle.com;*.netzero.net;*.offeroptimizer.com;*.oinadserve.com;*.orexis.com;*.overture.com;*.realmedia.com;*.rn11.com;*.tmsquared.com;*.yoursmartrewards.com;*.zedo.com;64.136.29.30;64.136.21.30;64.136.29.34;amazingdietpatches.com;casalemedia.com;clickagents.com;consumerincentivepromotions.com;expedia.com;kanoodle.com;netzero.net;offeroptimizer.com;oinadserve.com;orexis.com;overture.com;realmedia.com;rn11.com;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com;*.prod.untd.com;tmsquared.com;yoursmartrewards.com;zedo.com;<local>
O2 - BHO: (no name) - {AD05DCB9-2E19-88A3-BD62-593712D7D089} - C:\WINNT\system32\appqh32.dll (file missing)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
How are things now?