Sessieloubob
2006-07-17, 07:39
Thank you very much for all the info, it was all very useful, effective, and much appreciated. Here are the logs from the scans.
Logfile of HijackThis v1.99.1
Scan saved at 11:03:20 PM, on 16/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\TClock\TClock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Roy Smith\Desktop\HijackThis\HijackThis.exe
SmitFraudFix v2.72
Scan done at 21:29:40.48, 16/07/2006
Run from C:\Documents and Settings\Roy Smith\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\ishost.exe FOUND !
C:\WINDOWS\system32\ismon.exe FOUND !
C:\WINDOWS\system32\isnotify.exe FOUND !
C:\WINDOWS\system32\issearch.exe FOUND !
C:\WINDOWS\system32\ixt?.dll FOUND !
C:\WINDOWS\system32\ixt??.dll FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Roy Smith\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\Antivirus Test Online.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Malware-Wipe\ FOUND !
C:\Program Files\SpyQuake2.com\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:33:11 PM 16/07/2006
+ Scan result:
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar\Common -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar\Common\updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Cleaned with backup (quarantined).
C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
[204] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[252] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[264] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[420] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[472] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[516] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[732] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned with backup (quarantined).
C:\WINDOWS\system32\awtrq.dll.vir -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vtutqpp.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\Cache\71F545FEd01 -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\Cache\B23E4567d01 -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Temp\ICD4.tmp\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Temp\ICD5.tmp\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\4db7490422ab945c2bb1ac09b4a44ee6_35.exe -> Downloader.Small.bwy : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.a : Ignored.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Ignored.
C:\WINDOWS\system32\components\flx5.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
:mozilla.101:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.86:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@abetterinternet[1].txt -> TrackingCookie.Abetterinternet : Cleaned.
:mozilla.34:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.147:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.148:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.68:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.167:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@cliks[2].txt -> TrackingCookie.Cliks : Cleaned.
:mozilla.55:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.166:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.108:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.112:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.146:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.133:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.134:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.65:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.66:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.67:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.10:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.11:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.12:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.13:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.14:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.15:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.16:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.9:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@starware[2].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.157:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.158:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.165:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.171:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.172:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.83:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.84:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.85:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.150:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.151:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\wincnh32.dll -> Trojan.Mezzia : Cleaned with backup (quarantined).
C:\Program Files\Common Files\{244CBE69-03B0-1033-0103-031228200002}\Update.exe -> Trojan.Starter.65 : Cleaned with backup (quarantined).
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 11:03:20 PM, on 16/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\TClock\TClock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Roy Smith\Desktop\HijackThis\HijackThis.exe
SmitFraudFix v2.72
Scan done at 21:29:40.48, 16/07/2006
Run from C:\Documents and Settings\Roy Smith\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\ishost.exe FOUND !
C:\WINDOWS\system32\ismon.exe FOUND !
C:\WINDOWS\system32\isnotify.exe FOUND !
C:\WINDOWS\system32\issearch.exe FOUND !
C:\WINDOWS\system32\ixt?.dll FOUND !
C:\WINDOWS\system32\ixt??.dll FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Roy Smith\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\Antivirus Test Online.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Malware-Wipe\ FOUND !
C:\Program Files\SpyQuake2.com\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:33:11 PM 16/07/2006
+ Scan result:
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar\Common -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-602162358-436374069-1060284298-1004\Software\Hotbar\Common\updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Cleaned with backup (quarantined).
C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
[204] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[252] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[264] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[420] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[472] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[516] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
[732] C:\WINDOWS\system32\attrib.dll -> Adware.PurityScan : Error during cleaning.
HKLM\SOFTWARE\Classes\AppID\{4F5E5D72-C915-4f3b-908B-527D064B0FAA} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{EF130E77-0A34-4365-BFB7-218FD3DDCD5F} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{02946FD1-2D99-46E6-A790-3A089714EDD9} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TypeLib\{7EACF70B-302F-4049-AC68-2D62EB43E473} -> Adware.SysProtect : Cleaned with backup (quarantined).
C:\WINDOWS\system32\awtrq.dll.vir -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vtutqpp.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\Cache\71F545FEd01 -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\Cache\B23E4567d01 -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Temp\ICD4.tmp\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\Documents and Settings\Roy Smith\Local Settings\Temp\ICD5.tmp\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\USYP_0001_N85M2606NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N85M0307NetInstaller.exe -> Downloader.Agent.alr : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\4db7490422ab945c2bb1ac09b4a44ee6_35.exe -> Downloader.Small.bwy : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.a : Ignored.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Ignored.
C:\WINDOWS\system32\components\flx5.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
:mozilla.101:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.86:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@abetterinternet[1].txt -> TrackingCookie.Abetterinternet : Cleaned.
:mozilla.34:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.147:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.148:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.68:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.167:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@cliks[2].txt -> TrackingCookie.Cliks : Cleaned.
:mozilla.55:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.166:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.108:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.112:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.146:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.133:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.134:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.65:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.66:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.67:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.10:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.11:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.12:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.13:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.14:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.15:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.16:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.9:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@starware[2].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.157:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.158:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.165:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.171:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.172:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.83:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.84:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.85:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Roy Smith\Local Settings\Temp\Cookies\roy smith@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.150:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.151:C:\Documents and Settings\Roy Smith\Application Data\Mozilla\Firefox\Profiles\3z15n7sy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\wincnh32.dll -> Trojan.Mezzia : Cleaned with backup (quarantined).
C:\Program Files\Common Files\{244CBE69-03B0-1033-0103-031228200002}\Update.exe -> Trojan.Starter.65 : Cleaned with backup (quarantined).
::Report end