Detected a virus

martyb · Feb 21, 2006

It's not my computer, but i need to fix it.
XP home and all the security update's are downloaded.
AVG Antivirus, Spybot search and destroy, Ad-Aware and Xoftspy.
I run them once a week but a few thing's have stopped working.
The printer's not working, AOL explorer's the same.
I ran an online virus check and it came up with this.

Scan report generated at: Tue, Feb 21, 2006 - 20:41:18

Scan path: A:\;C:\;D:\;E:\;G:\;H:\;I:\;J:\;

Statistics
Time 01:07:27
Files 335340
Folders 5919
Boot Sectors 2
Archives 8691
Packed Files 31751

Results
Identified Viruses 4
Infected Files 6
Suspect Files 2
Warnings 0
Disinfected 0
Deleted Files 8

Engines Info
Virus Definitions 274215
Engine build AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins 13
Archive plugins 39
Unpack plugins 4
E-mail plugins 6
System plugins 1

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File Status
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r)=>Save.exe Detected with: Adware.Whenu.A
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r)=>Save.exe Disinfection failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r)=>Save.exe Deleted
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Update failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Infected with: Trojan.Whenu.C
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Disinfection failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Deleted
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034 Update failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Infected with: Trojan.Whenu.C
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Disinfection failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034=>(CAB Sfx r) Deleted
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0034 Update failed
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0035 Detected with: Application.Adware.NewDotNet.Dropper
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe=>wise0035 Deleted
C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe Update failed
C:\Program Files\EPSON\EPSON Stylus Photo 900\EPISME02.SWB Suspected of: Exploit.Win32.MS06-005.Gen
C:\Program Files\EPSON\EPSON Stylus Photo 900\EPISME02.SWB Disinfection failed
C:\Program Files\EPSON\EPSON Stylus Photo 900\EPISME02.SWB Deleted
C:\System Volume Information\_restore{94D11BF6-63FD-4C4E-8178-65FC4931495B}\RP674\A0220703.SWB Suspected of: Exploit.Win32.MS06-005.Gen
C:\System Volume Information\_restore{94D11BF6-63FD-4C4E-8178-65FC4931495B}\RP674\A0220703.SWB Disinfection failed
C:\System Volume Information\_restore{94D11BF6-63FD-4C4E-8178-65FC4931495B}\RP674\A0220703.SWB Deleted
C:\My Downloads\daniel\---===== shayne thats's my goal.rar=>setup.exe=>(NSIS o)=>lzma_nsis0004 Infected with: Trojan.Downloader.Istbar.NN
C:\My Downloads\daniel\---===== shayne thats's my goal.rar=>setup.exe=>(NSIS o)=>lzma_nsis0004 Disinfection failed
C:\My Downloads\daniel\---===== shayne thats's my goal.rar=>setup.exe=>(NSIS o)=>lzma_nsis0004 Deleted
C:\My Downloads\daniel\---===== shayne thats's my goal.rar=>setup.exe=>(NSIS o) Update failed
C:\My Downloads\daniel\shayne thats's my goal.ace=>setup.exe=>(NSIS o)=>lzma_nsis0004 Infected with: Trojan.Downloader.Istbar.NN
C:\My Downloads\daniel\shayne thats's my goal.ace=>setup.exe=>(NSIS o)=>lzma_nsis0004 Disinfection failed
C:\My Downloads\daniel\shayne thats's my goal.ace=>setup.exe=>(NSIS o)=>lzma_nsis0004 Deleted
C:\My Downloads\daniel\shayne thats's my goal.ace=>setup.exe=>(NSIS o) Update failed

Is this what's wrong with it, and if so how do i get rid of it. Or is bitdefender a load of rubbish?

talldude123 · Feb 21, 2006

try using another antivirus, such as AVG or Avast, they're free.

Also scan for spyware with Spybot and Ad-Aware

martyb · Feb 21, 2006

Did you read my post, I'm using AVG,spybot and Ad-Aware already.

MicroBell · Feb 23, 2006

Screensavers:

*Note* There is no such thing as FREE screensavers. 99% contain not only the screen saver but adware/spyware in it as well. This is likely how you got infected and it says so in your logs.

C:\Documents and Settings\Nichola\My Documents\Examples\fish screensaver.exe <--delete that file

C:\My Downloads\daniel\shayne thats's my goal.rar <--delete that file.

Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner

Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls

Begin the scan by selecting My Computer

If it finds any malware, it will offer you a report.
[*] Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
[*] Click on see report. Then click Save report

Please post that log in your next reply.

martyb · Feb 23, 2006

Thank you my friend i'm doing that just now.
I'll post the log shortly

martyb · Feb 23, 2006

Here's the log.

Incident Status Location

Adware:adware/swimsuitnetwork Not disinfected C:\WINDOWS\SYSTEM32\MYDLL.dll
Adware:adware/searchrelevancy Not disinfected C:\PROGRAM FILES\SearchRelevant
Adware:adware/wupd Not disinfected Windows Registry
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\CLSID\{66FC8717-EFA7-4546-8C4A-E224F3A80C76}
Adware:adware/sahagent Not disinfected Windows Registry
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@belnk[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fastclick[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[4].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@go[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@bluestreak[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[4].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@banner[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@winfixer[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@112.2o7[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[2].txt
Spyware:Cookie/Errorguard Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@errorguard[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.myaffiliateprogram[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@did-it[2].txt
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@kount[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@spywarestormer[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@serving-sys[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@searchportal.information[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[2].txt
Spyware:Cookie/Microsofte Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@microsofteup.112.2o7[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[3].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[3].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@did-it[3].txt
Spyware:Cookie/Servlet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@servlet[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as-us.falkag[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@yadro[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@belnk[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ath.belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@banner[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fe.lea.lycos[1].txt
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.web-stat[2].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@toplist[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@casalemedia[2].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@offeroptimizer[1].txt
Spyware:Cookie/Paypopup Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@paypopup[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@2o7[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@go[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fe.lea.lycos[2].txt
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@c.goclick[2].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.affiliatefuel[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[3].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ad.yieldmanager[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[3].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.burstbeacon[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@112.2o7[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@tribalfusion[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ad.yieldmanager[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[4].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@stats1.reliablestats[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[3].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@stat.onestat[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adtech[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@media.fastclick[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.burstbeacon[3].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@belnk[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fastclick[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[4].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@go[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@bluestreak[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[4].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@banner[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@winfixer[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@112.2o7[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[2].txt
Spyware:Cookie/Errorguard Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@errorguard[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.myaffiliateprogram[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@did-it[2].txt
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@kount[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@spywarestormer[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@serving-sys[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@searchportal.information[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[2].txt
Spyware:Cookie/Microsofte Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@microsofteup.112.2o7[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[3].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xiti[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[3].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@did-it[3].txt
Spyware:Cookie/Servlet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@servlet[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as-us.falkag[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@yadro[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@belnk[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ath.belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@dist.belnk[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@banner[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fe.lea.lycos[1].txt
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.web-stat[2].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@toplist[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@casalemedia[2].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@offeroptimizer[1].txt
Spyware:Cookie/Paypopup Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@paypopup[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@2o7[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@go[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@fe.lea.lycos[2].txt
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@c.goclick[2].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.affiliatefuel[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adopt.hbmediapro[3].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ad.yieldmanager[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[3].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.burstbeacon[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@112.2o7[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@tribalfusion[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@burstnet[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ad.yieldmanager[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[4].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@stats1.reliablestats[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@xmts[3].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@stat.onestat[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@adtech[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@media.fastclick[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@www.burstbeacon[3].txt
Adware:Adware/ClockSync Not disinfected C:\Documents and Settings\Natasha king\Local Settings\Temp\VVSNInst.exe
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@questionmarket[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@[url]www.burstbeacon[/url][1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@xmts[2].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@2o7[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@adtech[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@go[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@go[3].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@ath.belnk[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@xmts[3].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@ask[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@belnk[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@z1.adserver[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@go[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@ask[3].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@zedo[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@searchportal.information[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@burstnet[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@adopt.hbmediapro[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@ad.yieldmanager[1].txt
Spyware:Cookie/Paypopup Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@paypopup[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@winfixer[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@dist.belnk[1].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@offeroptimizer[2].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@xmts[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@dist.belnk[3].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@burstnet[3].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@casalemedia[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@[url]www.burstbeacon[/url][2].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@yadro[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@stats1.reliablestats[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@statcounter[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@tradedoubler[1].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@i.screensavers[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@[url]www.affiliatefuel[/url][1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@adopt.hbmediapro[3].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@serving-sys[4].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@112.2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@ad.yieldmanager[3].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@com[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@tribalfusion[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@as-us.falkag[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@bluestreak[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Natasha king\Cookies\natasha king@burstnet[1].txt
Adware:Adware/SaveNow Not disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\7F409A5B-1D19-4AE0-B820-46FCB3\EA983344-8086-496D-B45E-D10DFD
Adware:Adware/WinTools Not disinfected C:\Program Files\NevLogoDesktop\insthlp.dat
Adware:Adware/SearchRelevancy Not disinfected C:\Program Files\SearchRelevant\SearchRelevant.dll
Adware:Adware/IST.ISTBar Not disinfected C:\My Downloads\daniel\---===== shayne thats's my goal.rar[setup.exe]
Adware:Adware/IST.ISTBar Not disinfected C:\My Downloads\daniel\shayne thats's my goal.ace[setup.exe]

MicroBell · Feb 23, 2006

Download and install Cleanup but DO NOT run it yet!

Download KillBox http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Download, install, and update Ewido Security Suite

Install ewido security suite
Launch ewido, there should be a big E icon on your desktop, double-click it.
The program will prompt you to update click the OK button
The program will now go to the main screen

You will need to update ewido to the latest definition files.

On the left hand side of the main screen click update
Click on Start

The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido

Open add/remove programs and remove the following IF listed.

NevLogoDesktop
SearchRelevancy

Run KILL box. Paste the following locations into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletionÂ…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot.

C:\WINDOWS\SYSTEM32\MYDLL.dll
C:\PROGRAM FILES\SearchRelevant
C:\My Downloads\daniel\---===== shayne thats's my goal.rar
C:\Program Files\NevLogoDesktop\insthlp.dat
C:\My Downloads\daniel\shayne thats's my goal.ace

If you get a "Pending File" message...reboot manaully.

Once you reboot......

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
[X]Scan local drives for temporary files (Please uncheck this option)
Cleanup! All Users

Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Run Ewido:

Click [Scanner]
Click [Complete System Scan] to begin scanning.
Click [OK] when prompted to clean files
With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click [OK].
Once finished, click the [Save report] button
Save the report to your desktop

Close Ewido

Reboot back to normal mode and run another Panda scan. Post it's log along with the Ewido log.

*Note* Several of your cookies indicate you visted some very bad sites. Please post a hijackthis log as well...so I can make certain nothing else is lurking in the system.

martyb · Feb 26, 2006

Me again

Hijack this log,

Logfile of HijackThis v1.99.1
Scan saved at 18:49:07, on 26/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\S3tray2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXE
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1140473812\ee\AOLSoftware.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Documents and Settings\Nichola\My Documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.supanet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = supanet Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ajBar BHO - {5A074B21-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskJeeves\bar\bin\ajBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Ask Jeeves - {5A074B29-F830-49de-A31B-5BB9D7F6B407} - C:\Program Files\AskJeeves\bar\bin\ajBar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1140473812\ee\AOLSoftware.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-GB ee://aol/imApp
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://speedbar.ask.com/menusearch.html?p=4
O8 - Extra context menu item: Save To MyJeeves - res://C:\Program Files\AskJeeves\bar\bin\saveit.ocx/imageit.html
O9 - Extra button: Coral Eurobet Poker - {050AC5CD-E1E1-41ab-8CE0-61B56EFA7FA1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Coral Eurobet Poker - {050AC5CD-E1E1-41ab-8CE0-61B56EFA7FA1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.supanet.com/
O15 - Trusted Zone: http://www.snapfiles.com
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.3.4.64/holdem/holdem-ob-assets.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt3_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (eAssist NetAgent Customer ActiveX Control version 3) - http://etalk.epson.co.uk/netagent/objects/custappx3.CAB
O16 - DPF: {27B84445-9953-4E9B-B01C-73D734A57DEA} (Big Race Control) -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by11fd.bay11.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {53D71A20-15BA-4884-A778-07A75F6049F4} (AudioHand Class) - http://webcam.gsu.edu/activex/AMC.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {607486A7-8ED0-4AEF-B9EF-62087E57E343} (RaceControl Control) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://66.35.137.234/activex/AMC.cab
O16 - DPF: {77712A64-F30B-47C8-A363-CDA1CEC7DC1B} (WebBar Class) - http://www.advancedsearchbar.com/searchbarsetup2.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://195.41.18.51/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9C88EF87-3AA0-40AE-890C-4F260E8C3ABB} (WHVHR Control) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.bigfishgames.com/online/feedingfrenzy/Game/SproutLauncher.cab
O16 - DPF: {D670D0B3-05AB-4115-9F87-D983EF1AC747} (AOL Downloader Plugin) - http://pictures04.aol.co.uk/ygp/aol/plugin/download/YGPPicDownload.en-UK.9.1.6.18.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/514/webolr/OCX/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://antu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F5A8CC44-9F3A-4C4E-823F-982AE49CB93A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

Panda log,

Incident Status Location

Adware:adware/searchrelevancy Not disinfected C:\PROGRAM FILES\SearchRelevant
Adware:adware/wupd Not disinfected Windows Registry
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\CLSID\{66FC8717-EFA7-4546-8C4A-E224F3A80C76}
Adware:adware/sahagent Not disinfected Windows Registry
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as1.falkag[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@statcounter[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@casalemedia[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@overture[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@2o7[2].txt
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@c.goclick[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as-us.falkag[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@questionmarket[2].txt
Adware:Adware/WinTools Not disinfected C:\WINDOWS\system32\grwinsthlp.exe
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as1.falkag[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@statcounter[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@ask[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@casalemedia[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@com[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@overture[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@2o7[2].txt
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@c.goclick[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@as-us.falkag[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Nichola\Cookies\nichola@questionmarket[2].txt
Adware:Adware/IST.ISTBar Not disinfected C:\!KillBox\shayne thats's my goal.ace[setup.exe]

Ewido log,

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 19:41:11, 26/02/2006
+ Report-Checksum: FB6CD9CF

+ Scan result:

C:\Documents and Settings\Nichola\Cookies\nichola@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Nichola\Cookies\nichola@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\System Volume Information\_restore{94D11BF6-63FD-4C4E-8178-65FC4931495B}\RP676\A0220904.dll -> Adware.Relevance : Cleaned with backup

::Report End

Detected a virus

martyb

Solid State Member

talldude123

Banned

martyb

Solid State Member

MicroBell

Daemon Poster

martyb

Solid State Member

martyb

Solid State Member

MicroBell

Daemon Poster

martyb

Solid State Member

Similar threads