Virus i can't get rid of... HELP PLEASE

L

lloyd

New Member
ewido report part 1

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 21:47:20, 26/08/2005
+ Report-Checksum: C851A223

+ Scan result:

HKLM\SOFTWARE\Classes\Interface\{8578D35E-C6C0-4808-9A80-0F6C29A2C423} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-3797076284-2423628624-2075888198-1005\Software\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-3797076284-2423628624-2075888198-1005\Software\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
C:\WINDOWS\system32\drivers\kbfiltr.sys -> TrojanSpy.Xpasslogger : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aOVgDuHSbe.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aFIACXm.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aRKwBIVI.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\alWV51lDFz.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\anJx.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aaE.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aBUCQ7pArUw.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aO5tKl7Jw.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aH0x40vWV.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\aDEhBiTR6x.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\amZ.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\ShellExt\alYS5vft.EXE -> Trojan.Delf.bj : Cleaned with backup
C:\WINDOWS\system32\7k2a86.exe -> Trojan.Delf.cf : Cleaned with backup
C:\WINDOWS\system32\rqu.sys -> Trojan.Delf.cf : Cleaned with backup
C:\WINDOWS\system32\737.exe -> Trojan.Delf.cf : Cleaned with backup
C:\WINDOWS\system32\bUS.dll -> TrojanDropper.Small.abd : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\ringtone.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ringtone.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\WINDOWS\rqu.sys -> Trojan.Delf.cf : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\My Documents\My Received Files\GHOST.exe/hauntpc.exe -> Not-A-Virus.Joke.Hauntpc : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\My Documents\My Received Files\carm down song.exe/hauntpc.exe -> Not-A-Virus.Joke.Hauntpc : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@bfast[2].txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@adviva[2].txt -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@targetnet[2].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@adorigin[1].txt -> Spyware.Cookie.Adorigin : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd eagles@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][2].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][2].txt -> Spyware.Cookie.Etracker : Cleaned with backup
C:\Documents and Settings\Lloyd Eagles\Cookies\lloyd [email protected][1].txt -> Spyware.Cookie.Clickhype : Cleaned with backup
C:\Documents and Settings\abby\Local Settings\Temp\targetsaver.exe -> TrojanDownloader.TSUpdate.f : Cleaned with backup
C:\Documents and Settings\abby\Local Settings\Temp\GLF17GLF17.EXE -> TrojanDownloader.TSUpdate.f : Cleaned with backup
C:\Documents and Settings\abby\Local Settings\Temp\iFA.tmp -> TrojanDownloader.Small.wk : Cleaned with backup
C:\Documents and Settings\abby\Local Settings\Temp\ICD1.tmp\hbinstie.dll -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Local Settings\Temp\rqu.sys -> Trojan.Delf.cf : Cleaned with backup
C:\Documents and Settings\abby\Cookies\geoff [email protected][1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\abby\Cookies\geoff wiseman@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\abby\Cookies\geoff [email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\reports.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_511745-514279.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu -> Spyware.HotBar : Cleaned with backup
 
L

lloyd

New Member
part 2

C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-people.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_weather.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-9595.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords.idx -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords1.dat -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Spyware.HotBar : Cleaned with backup
 
L

lloyd

New Member
part 3

C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_511745-514279.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-people.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu -> Spyware.HotBar : Cleaned with backup
 
L

lloyd

New Member
5

C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86379 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35000 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49587 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52253 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64429 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9313 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387544.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat\31ff.dat -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL1.dat -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055531.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1056045.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\819382.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\412570.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\534912.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1401904.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383704.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1403389.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\2885061.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\Hotbar\dynamic\1224397.sdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOL -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOL\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOL\dynamic -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOI -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOI\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\v3.0\HostOI\dynamic -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\IESkins -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\eskin -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\eskin\empty_bg_st.htm -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\Hotbar\eskin\FileManager.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\dwld -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\persist.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\Config.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report\ag.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report\ag.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report\Header.xml -> Spyware.HotBar : Cleaned with backup
 
L

lloyd

New Member
6

C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report\send.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\report\send.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\db\Aliases.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\db\Sites.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\res1 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\cs\res1\whitelist.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\abby\Application Data\ShopperReports\shprrprt.log -> Spyware.HotBar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4EBAC9F5-D7B4-44F8-9EC7-397404\A20BD4F8-7C14-41A8-B94C-2988FE -> Spyware.TimeSink : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CEFE9186-D8D4-400F-AD80-069675\B728EA09-BD99-47C2-80E5-9405C0 -> Spyware.TimeSink : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\51C9C12A-E6CC-4E52-88C7-E9555E\57067B86-482B-4BED-BB39-4B6CB1 -> Spyware.WebHancer : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\51C9C12A-E6CC-4E52-88C7-E9555E\0FBBE928-0282-4034-ADAA-1EE1DE -> Spyware.WebHancer : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq18.tmp -> TrojanDownloader.TSUpdate.f : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2F.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq30.tmp -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq31.tmp -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq35.tmp -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq36.tmp -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq38.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq66.tmp -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq67.tmp -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq68.tmp -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq69.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6A.tmp -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6B.tmp -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq16.tmp -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq25.tmp -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq27.tmp -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq29.tmp -> Spyware.Wesbar : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD.tmp -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE.tmp -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF.tmp -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq10.tmp -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3.tmp -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3A.tmp -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3D.tmp -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7.tmp -> TrojanDropper.Delf.ev : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8.tmp -> Spyware.Cookie.Gator : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9.tmp -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA.tmp -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2C.tmp -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2D.tmp -> Spyware.Cookie.Questionmarket : Cleaned with backup
 
L

lloyd

New Member
last but least 7

C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2E.tmp -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq40.tmp -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq41.tmp -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq42.tmp -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq43.tmp -> TrojanDownloader.Rameh.c : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\20041220174655.zip/WINDOWS/system32/ATPartners.dll -> TrojanDownloader.Rameh.c : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4D.tmp -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4E.tmp -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq420.tmp -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq50.tmp -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq55.tmp -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5D.tmp -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF0.tmp -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq61.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6C.tmp -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6D.tmp -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6E.tmp -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6F.tmp -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq70.tmp -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq76.tmp -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7F.tmp -> Adware.SaveNow : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq17.tmp -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7D.tmp -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq80.tmp -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq83.tmp -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq84.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq85.tmp -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq87.tmp -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq88.tmp -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq89.tmp -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8B.tmp -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8C.tmp -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8E.tmp -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq92.tmp -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq96.tmp -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq97.tmp -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq98.tmp -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq99.tmp -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9A.tmp -> Spyware.Cookie.Adserver : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP182\A0201006.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP186\A0205336.dll -> TrojanSpy.Perfectkeylogger.Ad : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP187\A0209606.dll -> TrojanSpy.Perfectkeylogger.Ad : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP190\A0233570.DLL -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP195\A0248364.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP195\A0248373.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP197\A0251583.DLL -> Spyware.Hijacker.Generic : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP200\A0263732.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP200\A0263756.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP200\A0263842.DLL -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP202\A0272177.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP202\A0272190.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{5E98F68A-5D11-44AB-A2D5-D00686D28292}\RP207\A0279627.dll -> TrojanSpy.Delf.fk : Cleaned with backup


::Report End
 
Buzz1927

Buzz1927

Digaredd
lloyd, is this your's or your mate's? don't post another Ewido report, it's far too long. I was expecting something shorter.
 
Buzz1927

Buzz1927

Digaredd
Alright, let's deal with this first (before your mates)

Run Hijackthis and check these lines (remove anything to do with supanet if you know what it is).


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.supanet.com/search/iepanel/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.supanet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.supanet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tesco.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mirs Internet Explorer
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.supanet.com/
O16 - DPF: {11111111-1111-1111-1111-111191113457} - file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-511111193457} - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111193458} - file://c:\x.cab
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - (no file)

Close all windows, apart from hijackthis, and hit "fix checked".

Then find and delete these folders\files, if they still exist.


C:\Program Files\PartyPoker
c:\ied_s7.cab
c:\x.cab

Then reboot and post a new Hijackthis log.
 
L

lloyd

New Member
ok sorry. this is my one... i dont even want to begin to see what my mates is like.. he has 2436 infections now...
 
L

lloyd

New Member
supanet is my email provider thing... so you want me to check these lines with a tick..and click fix..apart from supanet?
 
L

lloyd

New Member
hijack this 2

Logfile of HijackThis v1.99.1
Scan saved at 23:47:25, on 26/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\YAHOO!\browser\ycommon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.supanet.com/search/iepanel/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.supanet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.supanet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.supanet.com/
O15 - Trusted Zone: http://register-tesco.qa.business.ntl.com
O15 - Trusted Zone: http://memberservices.tesco.net
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1102807997265
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Net MD Simple Burner Service (NetMDSB) - Unknown owner - C:\Program Files\Sony\Net MD Simple Burner\NetMDSB.exe (file missing)
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
 
You must log in or register to reply here.
Top