Win32/Adware.Virtumonde and other problems [CLOSED]
EvoKhmerBoy
post Aug 24 2008, 03:07 PM
Post #1


New Member
*
Posts: 8
OS: Windows XP



Hello, I'm new to the computer stuff and although I had this PC for a while, all of a sudden my desktop background changed to a warning. It says that I had a spyware infection: Win32\Adware.Virtumonde and Win32\PrivacyRemover.M64.
I'm hoping that this will be a small issue and can be resolved easily. Here's my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:05:28 PM, on 8/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\lphc3jqj0er2p.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [2Wire Wireless Manager] "C:\Program Files\2Wire Wireless Manager\2Wire.exe" -a
O4 - HKLM\..\Run: [lphc3jqj0er2p] C:\WINDOWS\system32\lphc3jqj0er2p.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?8d08452c7b8c4ddab69d4a4f4892f39b
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?8d08452c7b8c4ddab69d4a4f4892f39b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

--
End of file - 8078 bytes


Thank you for your time.
 
fenzodahl512
post Aug 25 2008, 04:58 AM
Post #2


Trusted Helper
Posts: 5,221
OS: Windows XP



Hello and welcome to GTG...



Please download Malwarebytes' Anti-Malware from HERE or HERE

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 
EvoKhmerBoy
post Aug 26 2008, 08:10 PM
Post #3


New Member
*
Posts: 8
OS: Windows XP



Thanks for the reply and sorry for the ever so long delay... Currently I cannot connect to any specific websites, including the download you have sent me and even geekstogo.com for that matter, on the infected PC. Please give me another option to do. By the way, I have the recovery console, but for some odd reason the administrator password that I KNOW I put is incorrect, and it is not incorrect spelling or caps, so I'm unable to use that either.
 
fenzodahl512
post Aug 26 2008, 08:46 PM
Post #4


Trusted Helper
Posts: 5,221
OS: Windows XP



If you have ComboFix on your infected PC, please delete it, as we will download the latest version.


Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop. You might have to transfer it from another PC via thumb drive or CD.
Link 1
Link 2
Link 3

Double-click combofix.exe and follow the prompts. Please, never rename ComboFix unless instructed.
When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply.

Note: DO NOT mouse-click ComboFix's window while it's running. That may cause it to stall.
 
EvoKhmerBoy
post Aug 28 2008, 09:18 PM
Post #5


New Member
*
Posts: 8
OS: Windows XP



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:06 PM, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\update\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?8d08452c7b8c4ddab69d4a4f4892f39b
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?8d08452c7b8c4ddab69d4a4f4892f39b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

--
End of file - 6805 bytes
 
EvoKhmerBoy
post Aug 28 2008, 09:29 PM
Post #6


New Member
*
Posts: 8
OS: Windows XP



Malwarebytes' Anti-Malware 1.25
Database version: 1093
Windows 5.1.2600 Service Pack 2

6:14:09 PM 8/28/2008
mbam-log-08-28-2008 (18-14-09).txt

Scan type: Full Scan (C:\|D:\|L:\|)
Objects scanned: 333760
Time elapsed: 1 hour(s), 15 minute(s), 40 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 1
Registry Keys Infected: 12
Registry Values Infected: 8
Registry Data Items Infected: 2
Folders Infected: 39
Files Infected: 938

Memory Processes Infected:
C:\WINDOWS\system32\lphc3jqj0er2p.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\drivers\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\blphc3jqj0er2p.scr (Trojan.FakeAlert) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc3jqj0er2p (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Common Files\WinAntiVirus Pro 2007 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiVirus Pro 2007\bak (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Network Monitor (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\Ipwindows (Trojan.Rond) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\svhost (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\bin (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\Ready (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\temp (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\Upload (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Wallpaper (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\Logs (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS\Start Menu\Programs\Outerinfo (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\blphc3jqj0er2p.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Desktop\New Folder\bak\retadpu2000340.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Desktop\New Folder\bak\retadpu72.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Documents\Settings\partnership.dll (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\0wl.tmp (Trojan.Patched) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\Bu}230E.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\EvV95ED.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\GVD85B.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\K]lF3DF.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\NDrv.dll (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\nOA8C8A.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\oQAB43.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\par910C.tmp (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\QofBF38.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\sjJ2F82.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\sys16.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\T}t842D.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\uECE.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\VKO67FA.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\XJ3C1B.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\X17F3.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\]OXA478.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\`BO25ED.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\w942B.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\HA603.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\Hp88E0.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\E4811.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\pB9208.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\w16CD.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\{r25DE.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\Q99B6.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\VN135F.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temporary Internet Files\Content.IE5\F7Z9J2UM\bot[1].dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temporary Internet Files\Content.IE5\TVKBVXQ6\bot[1].dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\2D.tmp (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.DAD\Local Settings\Temp\jnwf47rz.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun4.exe (Adware.WebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun6.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\~tmp143 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\MBDownloader_876919.exe (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\NNBar_VCSetup_876919_LOG_IES_NoDMY_AFF.exe (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\rsyncini.exe (Trojan.Exitwin) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\snapsnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\vx1dt1.game (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\wavesnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temporary Internet Files\Content.IE5\6FWPCXIH\kcehc_eicooc20070702[1] (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temporary Internet Files\Content.IE5\QH6VG3WT\ctxad-555[1].0000 (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\1.dllb (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\mst1C.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\mst23.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun10.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun12.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun14.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun15.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun7.exe (Adware.WebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun8.exe (Adware.WebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\~tmp143 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ffor\ffora.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ffor\fforl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ffor\fforp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ffor\bak\fform.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ffor\fford\fforc.dll (Adware.TargetServer) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Ipwindows\ipwins.dll (Trojan.Rond) -> Quarantined and deleted successfully.
C:\Program Files\Ipwindows\ipwins.exe (Trojan.Rond) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\ffcomponent.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Program Files\Network Monitor\netmon.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\Save\ACM.dll (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\Save.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelNE.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelQC.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelqx.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelSlnchr.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelUpdate.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\WiseInstallUtility.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\The Weather Channel FW\Framework\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\WINDOWS\browser.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\inserv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\lsass.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\pc.exe (Trojan.Lmir) -> Quarantined and deleted successfully.
C:\WINDOWS\stub_mma2.exe (Adware.Bookedspace) -> Quarantined and deleted successfully.
C:\WINDOWS\winlogon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\IA\asappsrv.dll (Adware.CommAd) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\mst1B.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun4.exe (Adware.WebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun6.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiVirus Pro 2007\err.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiVirus Pro 2007\mfc71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiVirus Pro 2007\msvcp71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiVirus Pro 2007\msvcr71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\svhost\wr-1-0000077.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml.backup (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\bin\SSSInst.dll (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\SSSInst\bin\SSSUninst.exe (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Wallpaper\Magic - The Gathering - Childhood Nightmare.jpg (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Wallpaper\swpstart.exe (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Save\===.txt (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\SaveUninst.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\SET45.tmp (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\SET66.tmp (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\^_^.txt (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\Abbr (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ActivationCode (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ProductCode (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\avtasks.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\history.db (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\PGE.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\Logs\wa7Support.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Application Data\WinAntiVirus Pro 2007\Logs\winav.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS\Start Menu\Programs\Outerinfo\Terms.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS\Start Menu\Programs\Outerinfo\Uninstall.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\screensaver.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Screensavers0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\csrss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
C:\Program Files\outlook\p.zip (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\Unist1.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Uninst2.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\desktop.html (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc3jqj0er2p.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc3jqj0er2p.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.dll (Trojan.Sinowal) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00002.dll (Trojan.Sinowal) -> Quarantined and deleted successfully.
C:\WINDOWS\wr.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\tcb.pmw (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1281OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1549OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1549OinUninstaller.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\WINDOWS\avp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\System32KBRunOnce2.tm_ (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\System32KBRunOnce2.t__ (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\poolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\uninstall_nmon.vbs (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\retadpu2000219.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\retadpu2000340.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\retadpu572.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\retadpu72.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\snapsnet.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hi\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS\Local Settings\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\Outerinfo-1281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Green\Local Settings\Temp\xrun.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\7.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\2.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\5.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\6.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\7.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\2.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\5.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\6.dllb (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun1.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun3.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun5.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stdrun8.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun11.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun13.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun16.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun5.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun6.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun9.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun3.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun5.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun8.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ma1x1dd1v.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\vx1dt1.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\vx1dt1.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v3xd1.g22me (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v4xd3.ga2me (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v5xd2.g3ame (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v5xd4.ga2me (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v6xdt4.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\vx1dt3.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\vx3dt2.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temp\vx1dt1.game (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meas\Local Settings\Temp\v4xd6.gam5e (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1091.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr125C.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1488.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr161F.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1875.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1894.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr18B4.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr18C3.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr18D3.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr18E3.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1902.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1B92.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1C5D.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1C69.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1DD4.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr1EAF.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr22D5.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr25A6.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr25C5.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr25D5.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr25F4.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2603.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2613.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2632.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2642.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2652.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr26DD.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr27C9.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr27D8.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr27E6.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2817.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Settings\Temp\opr2836.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner.MEAS.000\Local Se