Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

IRC.Backdoor.Trojan(hbd.dll)

Started by rkolomiychenko , Apr 25 2006 04:25 AM

  • Please log in to reply

#1
rkolomiychenko
Posted 25 April 2006 - 04:25 AM

rkolomiychenko

    New Member

  • Member
  • Pip
  • 4 posts
Hi Guys,

Every time I open internet explorer, Norton Antivirus pops up saying that the pc is infected with "c:\documents and settings\username\local settings\temp\hbd.dll" file. And there is nothing I can do about it. The internet connection becomes very congested with traffic, router lights are flashing like crazy, and the pc slows down. The only way to stop this is by disabling the internet connection, but as soon as it is reenabled, Antivirus pops up and the same thing happens again.

Can you help please?

Below are the logs:

L2mfix 032106
Creating Account.
The command completed successfully.

Adding Administrative privleges.
The command completed successfully.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 448 'smss.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID 640 'winlogon.exe'
Killing PID
  • 0

Advertisements

#2
Flrman1
Posted 25 April 2006 - 09:18 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Hi rkolomiychenko

Welcome to G2G! :whistling:

Please do this:

* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

  • 0

#3
rkolomiychenko
Posted 26 April 2006 - 05:11 AM

rkolomiychenko

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi Flrman1,

Here's log as per your request:


Logfile of HijackThis v1.99.1
Scan saved at 12:09:32, on 26/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wltray.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\PROGRA~1\BTBROA~1\Help\SMARTB~1\BTHelpNotifier.exe
D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lvagent.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\DOCUME~1\Ruslan\LOCALS~1\Temp\mdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
D:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe
D:\Program Files\Norton Internet Security\ccEmFlSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Ruslan\Desktop\SpyWare Tools, etc\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.client...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.client...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSNToolBandBHO - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\msntb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BTBROA~1\Help\SMARTB~1\BTHelpNotifier.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LingvoTraining] "D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Tutor.exe" /ND /NW /AS
O4 - HKLM\..\Run: [Lingvo Launcher] "D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] d:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/229?487173f98edf4228a133cc44698aa6a
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/230?487173f98edf4228a133cc44698aa6a
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with Lingvo - res://D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lingvo.exe/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/...015/CTSUEng.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure...ge/w4sgeen9.exe
O16 - DPF: {15F98A00-6250-11D7-873C-000AE611C760} (TicketCtrl Class) - https://a248.e.akama.../TicketReg2.dll
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint....rintActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1118886684303
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145606234479
O16 - DPF: {7C405D1B-4007-11D3-8B8E-00104B3E656F} (SBCRecorderPlayer Control) - https://www.vodafone...order/SBCRP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/...15021/CTPID.cab
O18 - Protocol: bw+0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - D:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
  • 0

#4
Flrman1
Posted 26 April 2006 - 04:42 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

Fix ALL the O18 entries like this one:

O18 - Protocol: bw+0 - {5F827743-D495-4617-A184-7E12C4C02B74} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


* Restart your computer.


* Download WinPFind
  • Right Click the Zip Folder and Select "Extract All"
  • Extract it somewhere you will remember like the Desktop
  • Dont do anything with it yet!

* Click here for info on how to boot to safe mode if you don't already know how.


Reboot into Safe Mode


Doubleclick WinPFind.exe
  • Click "Start Scan"
  • It will scan the entire System, so please be patient and let it complete.

Reboot back to Normal Mode!

  • Go to the WinPFind folder
  • Locate WinPFind.txt
  • Copy and paste WinPFind.txt in your next post here please.

  • 0

#5
rkolomiychenko
Posted 27 April 2006 - 07:05 PM

rkolomiychenko

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
HI,

I fixed all the O18 entries successfully.

Unfortunately could not complete the WinPFind, because was unable to boot in safe mode.
Reason being, that I have a dula boot with Windows XP and Vista(recently installed Vista just to have a peek). What happens, is that when I get to the point of choosing a platform to load, Windows XP's advanced options(F8) are disabled, whilst I can access them in Vista. This must have happened since the Vista installation.

Any ideas?
  • 0

#6
Flrman1
Posted 27 April 2006 - 07:54 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Where did you get Vista?
  • 0

#7
Flrman1
Posted 27 April 2006 - 07:54 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Go here and do the BitDefender online virus scan.
  • Click "I Agree" to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click "Click here to scan" to begin the scan.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on "Click here to export the scan results"
  • Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..

  • 0

#8
rkolomiychenko
Posted 29 April 2006 - 09:35 PM

rkolomiychenko

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi,

below are the logs

HJT log:



Logfile of HijackThis v1.99.1
Scan saved at 04:30:53, on 30/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
d:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wltray.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\PROGRA~1\BTBROA~1\Help\SMARTB~1\BTHelpNotifier.exe
D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lvagent.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Documents and Settings\Ruslan\Desktop\SpyWare Tools, etc\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.client...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.client...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSNToolBandBHO - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\msntb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BTBROA~1\Help\SMARTB~1\BTHelpNotifier.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LingvoTraining] "D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Tutor.exe" /ND /NW /AS
O4 - HKLM\..\Run: [Lingvo Launcher] "D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] d:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/229?487173f98edf4228a133cc44698aa6a
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/230?487173f98edf4228a133cc44698aa6a
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with Lingvo - res://D:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lingvo.exe/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/...015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s.work4sure...ge/w4sgeen9.exe
O16 - DPF: {15F98A00-6250-11D7-873C-000AE611C760} (TicketCtrl Class) - https://a248.e.akama.../TicketReg2.dll
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint....rintActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1118886684303
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145606234479
O16 - DPF: {7C405D1B-4007-11D3-8B8E-00104B3E656F} (SBCRecorderPlayer Control) - https://www.vodafone...order/SBCRP.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/...15021/CTPID.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - d:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - D:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe


BitDefender's Log:

BitDefender Online Scanner



Scan report generated at: Sun, Apr 30, 2006 - 00:15:29





Scan path: A:\;C:\;D:\;E:\;F:\;G:\;R:\;S:\;V:\;W:\;X:\;Y:\;Z:\;







Statistics

Time
07:12:13

Files
1540705

Folders
28400

Boot Sectors
10

Archives
84048

Packed Files
132935




Results

Identified Viruses
0

Infected Files
0

Suspect Files
4

Warnings
0

Disinfected
0

Deleted Files
4




Engines Info

Virus Definitions
372671

Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)

Scan plugins
13

Archive plugins
39

Unpack plugins
4

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:11:31 +0100]=>(MIME part)=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:11:31 +0100]=>(MIME part)=>(MIME part)=>(message body)
Disinfection failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:11:31 +0100]=>(MIME part)=>(MIME part)=>(message body)
Deleted

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:11:31 +0100]=>(MIME part)=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:11:31 +0100]=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp=>(Quarantine-2)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67171495.tmp
Update failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:16:40 +0100]=>(MIME part)=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:16:40 +0100]=>(MIME part)=>(MIME part)=>(message body)
Disinfection failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:16:40 +0100]=>(MIME part)=>(MIME part)=>(message body)
Deleted

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:16:40 +0100]=>(MIME part)=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Thu, 27 Apr 2006 18:16:40 +0100]=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp=>(Quarantine-2)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67316479.tmp
Update failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:51:22 +0100]=>(MIME part)=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:51:22 +0100]=>(MIME part)=>(MIME part)=>(message body)
Disinfection failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:51:22 +0100]=>(MIME part)=>(MIME part)=>(message body)
Deleted

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:51:22 +0100]=>(MIME part)=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:51:22 +0100]=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp=>(Quarantine-2)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\711E738B.tmp
Update failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:55:45 +0100]=>(MIME part)=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:55:45 +0100]=>(MIME part)=>(MIME part)=>(message body)
Disinfection failed

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:55:45 +0100]=>(MIME part)=>(MIME part)=>(message body)
Deleted

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:55:45 +0100]=>(MIME part)=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)=>[Subject: Mail Delivery (failure rkolomiychenko@][Date: Sat, 29 Apr 2006 02:55:45 +0100]=>(MIME part)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp=>(Quarantine-2)
Updated

D:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71316F75.tmp
Update failed
  • 0

#9
Flrman1
Posted 30 April 2006 - 10:58 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP