Edited by Jessivea, 25 August 2006 - 12:33 PM.
Im back and more %$#$#$ then ever! [CLOSED]
Started by
Jessivea
, Aug 18 2006 11:17 PM
#16
Posted 25 August 2006 - 10:55 AM
#17
Posted 25 August 2006 - 01:12 PM
Ok its running the same if not slower is there a way i can test it to see how much ram im using out of 254 etc? Heres the log
Logfile of HijackThis v1.99.1
Scan saved at 1:10:37 PM, on 8/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\WinTask\Bin\SchedInd.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\svchost.exe
C:\Backup\hijackthis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 1:10:37 PM, on 8/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\WinTask\Bin\SchedInd.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\svchost.exe
C:\Backup\hijackthis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
Edited by Jessivea, 25 August 2006 - 01:14 PM.
#18
Posted 25 August 2006 - 02:27 PM
We need to run FixWareout again, as it didn't seem to work the first time.
Please download FixWareout from one of these sites:
http://downloads.sub.../Fixwareout.exe
http://www.bleepingc.../Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Once the desktop loads a text file will open (report.txt). Paste the entire log into a reply. It may take more than one reply to get the whole log, but please paste the entire log.
-Ryan
Please download FixWareout from one of these sites:
http://downloads.sub.../Fixwareout.exe
http://www.bleepingc.../Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Once the desktop loads a text file will open (report.txt). Paste the entire log into a reply. It may take more than one reply to get the whole log, but please paste the entire log.
-Ryan
#19
Posted 25 August 2006 - 08:27 PM
It didnt do anything.. It just said after press any key to continue was script registered to run on reboot..If you read this befor i edit the log in ill be rebooting it anyway.
#20
Posted 26 August 2006 - 12:01 AM
No new logs were made...
#21
Posted 26 August 2006 - 09:30 AM
Open ewido anit-malware
- On the main screen select the icon "Update" then select the "Update now" link.
- Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
- Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess: - Lauch ewido-anti-spyware by double-clicking the icon on your desktop.
- Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
- ewido will now begin the scanning process, be patient this may take a little time.
Once the scan is complete do the following: - If you have any infections you will prompted, then select "Apply all actions"
- Next select the "Reports" icon at the top.
- Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
- Close ewido and reboot your system back into Normal Mode and post the results of the ewido report scan as well as a new HiJack This log.
#22
Posted 27 August 2006 - 01:20 PM
Well theres 600+ viruses found while AVG found 1000+..every day Heres the ewido one
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:01:00 PM, 8/27/2006
+ Report-Checksum: AF1EA23F
+ Scan result:
HKLM\SOFTWARE\Classes\Media-Codec.Chl -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Media-Codec.Chl\CLSID -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CLSID -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CurVer -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1 -> Adware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP841\A1870675.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP845\A1876741.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP850\A1877882.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP850\A1877892.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880949.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880952.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880955.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880956.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880957.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880958.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880960.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880963.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880964.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880965.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880966.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880967.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880968.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880969.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880970.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880971.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880972.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880973.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880974.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880975.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\yazfj.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\WINDOWS\SYSTEM32\{018E735E-52FE-457D-B732-5C7784CF8962}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{12C26808-CDB2-4273-9FD8-5AEB4493AE2E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{1C6524D8-231C-47D0-B36C-FCCB93EAD282}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{1F6808BB-8B70-401B-BBDC-9256A7905272}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39ABAADB-7714-4A96-846E-A6BB6FFAEE80}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39BC2CE8-38B1-469D-B810-29C2ACD3FE35}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39DBE0DF-82B9-42DB-A1EB-0D91B1028288}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3C56AD23-8067-4D81-A59D-83E764B111F0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3EB28F59-7168-4624-AC1D-978299C9E689}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3EFF3B1E-A27D-4A04-94A7-DA3C962645D8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{42997659-970D-4462-B034-8F6239FA8A57}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{4BD10F2A-1BBB-4683-8D86-422359A411E5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{52928881-7A67-48A2-BD8C-4E2E52BB66F1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{53EF551A-E6A3-4A6B-8A60-615132E2F91F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{54641394-6960-4185-A460-F3F253973202}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{5C148BDB-357D-43DE-A01D-BFA0A10A236E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{5F1F3529-AD2C-4C4F-9F7F-FC3268EE70C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{628E7E5C-7BF4-40D4-8A0E-90595C1F3AED}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6786AF22-BA3A-4A7E-88EF-E1C485EAF705}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6842F2AA-4550-4B6F-BB98-8085150ECB52}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68553E5E-A7A1-412D-BFDC-0FC64DC48B16}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68798E7D-0B90-4853-949D-AD59B892017E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{687CF64B-74AF-4D35-8E76-5CF2D2868C87}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68B6AA09-73CE-405E-B76C-29AE06D4E1E5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68CDCBEA-ABDE-4C64-9823-B8C17C082FE4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6915C9E9-785B-420F-919B-409A96041D4F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6936BFCD-64DE-41C3-A586-B1F92CB3B63A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{69A820EC-A526-442B-9769-4E8853104C83}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{69F3322F-9B0B-4B30-95A8-D46A0D1C7461}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A06B334-A8C5-4ED5-ACF0-D6C68F14B166}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A2E5CA4-C3E2-4692-9FF6-84A2728D5E83}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A32A253-4B83-44E8-8F18-FE7260269DCF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B0E2885-B06B-4938-8AA9-B8776093050C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B23D082-E7C0-449A-85DA-CCA591833FF7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B3D575A-3006-4DE5-B70F-10E28CD96A2E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6BC931D0-2487-4BDF-A99B-8317B0917539}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6C1774E3-784D-4E85-9535-E474E263D70C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6CA28158-A7DE-400C-BF9A-FF7BF74DAFFA}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6CA336CE-278C-4F56-B9FC-BD30C9608318}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6D176248-FD09-4284-A69A-5C5CB4A2CCD2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6D6D697B-020C-4949-A1D3-23C0532677BE}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6DB21FCE-C4A7-4BA8-80CB-C2F8BA5815FF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6E420800-BE20-4285-8E2D-A596381C765A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6E96C793-96EF-41F6-8E84-3C9284A5A19C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6EDD1063-D087-405D-8E43-90FC88C00522}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F0E01D7-BC91-4C0D-B838-8BC631E469D8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F3A4106-E017-41FC-A4FB-4BCBF8AA1A0A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F492CDD-E702-4E54-8AEE-112AFFEBA3AC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F7CC322-F0C0-485B-B8C8-C7A24DD6DDCE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F975467-E568-43E1-8B7A-94BC54ECEC1B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6FBC52AF-5ACC-43F1-87ED-37ED4CA8E0AD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{704821CE-6DAC-46DB-B99E-56235E52D5E3}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{70E92700-B7EC-4AC0-9F01-CD00CAF50A6B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{710B7EFE-1046-4630-9A87-6FEEBE4FA06B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{711E7389-27D6-44B7-B373-77803556461B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7163BB24-2993-434E-A0FF-A8AD5C2725C4}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{71C49628-931B-4194-8726-7946C01E76F3}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{71F9444F-8DE2-468F-BE7A-B2F9FDD65C56}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{722B4509-1B76-4905-9EC5-2579FD6A2E4D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7231E33F-96E3-4A84-9F7E-E85708699689}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{726AA803-00FB-4B7D-89FD-44CB737E590D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{72CAE1F0-FB6A-49B6-9910-201446B6E6FF}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{72F26744-E711-4965-85E2-EE852CA2CC08}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{734258C6-7A02-40A0-ADE7-EA54A845091D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{73E864D8-7E89-435A-BE5C-3D81E166441F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74004A8C-365C-4FC6-AD35-CB6184102B4A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{743C8A7D-932A-47A3-8D98-458044BF0E83}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{747FA1F0-6331-4C3D-AE49-A4A3060D94C8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{749B2F63-2AA5-46FE-93BA-728DF76AB594}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74A3E6E1-F165-4196-AFB0-01B378E60B98}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74AD242F-3923-4D1E-9A84-8DCF0AA0EEEE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74CA5CF8-30EA-4C3A-9191-D504BC1FF57F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74EFCC07-B5DF-41EC-8CF7-0C7C6CB116E4}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{759B5017-9CFA-4A49-BBAB-4CDB7CC91F02}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{75A2CF45-81E0-4564-886D-440AE292CF2E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{767353F3-9E68-475D-981A-BEF384600EBF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{76B0FF73-DAFE-45FE-83EB-CD93E94A6F51}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{76ECFEF7-2432-4703-B867-BF259B8F5651}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{772FBC52-5DD0-483A-9B87-F459EF696686}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77627312-D436-4CA5-9BA3-3514EA9E3953}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77915AF2-F38E-491D-98A9-6D217F9DB263}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77F25245-77F4-4F1E-A5C3-A9DD6F5CE9DC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{78053A23-C579-4E5E-99DC-54C3FE279703}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{78260F31-480D-44FC-9FCC-BFB83DF59BD3}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{797C22D2-60A7-4409-ABBA-7D2E4A1A1427}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79A48E4B-C9D0-4A77-BF88-3087FC09D024}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79C15EAA-3E0B-44F5-905C-323BE390A6BA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79D62BB4-BD8D-4C26-80A2-1AE79D643F68}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7A7076D6-7059-4409-A259-34E58358BCA5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7A7279E6-BF4E-40D0-85B4-9146679543A5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7AD68FE8-00F1-48C1-8DF5-91E774F0439F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B0FC25F-1585-45B6-B03A-C8E6EB162EC1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B17966C-ABB7-4DD2-96F8-0A2D9453E6C7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B66E10F-0A64-4A31-8D98-1E5EE90F6613}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B6B0143-2CE2-472C-B29A-CE84FF705805}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7BBD5701-FD38-4D7A-9B93-95909CAC801F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7C7F79BB-26AB-449A-93F9-A9A74A4EF453}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7CE481CB-5EB3-41AF-9A31-E115770419BF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7D667CB1-E5CE-4E68-865E-B2C6426B0A5D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7DB02F7B-E5AA-42DB-A633-9060177610B6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7DBAEC20-C043-4DDF-87F9-704602AC677A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7E20A594-10FA-463D-8C76-7B17A9AD479B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7EAED3E9-CD51-49FA-9460-220A1F9B689E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7F328BFB-E8E5-4EF8-BAB3-5D70D02C869D}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7FCC02F1-3CA5-4C90-B480-5B2E4F8E5C20}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8020A388-92F4-4260-B58F-A788E8921790}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8043FCE1-91DB-4B63-8BCA-A61452E51DD9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80478D94-325E-4935-9DD5-E9A156D4E277}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80B74489-6F6A-4015-967F-B801358EAA38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80B7EFCA-B40A-4D93-A347-887F97A2BF12}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{81CFC8C7-B02F-407F-A69F-568E6DFF2740}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82152951-C177-4B37-9B70-EE20A852F344}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{821A9261-F431-46C4-9F05-31FA22CA30D1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82223ED5-B1CD-4A0E-92B9-7F5AF6219957}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{825148D2-D896-4171-8C86-B9F1BFDD0345}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{827765A0-87A3-48B2-BF15-8DA1EBF6282A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{828FC4B3-1475-4BE6-BC39-0CA56E7DB30B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82BC0F9A-C7D3-49DA-AC1F-DC94DBD4610F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82F770BC-B61C-440B-9E40-5A11CE644A56}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{83425D44-5868-4F6B-9C26-329FEBB210CD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8360114B-1325-448C-A210-B61C1C1347E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8372CD08-B634-495C-9FBD-77BCE4ED3916}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{837E7E6F-EE25-4872-9534-046F95AE41B6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{839DB9ED-BA0D-4766-BB26-B4F3DC6FEB5D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{83E16694-C6F3-4B7D-84F9-3CC21DE74C80}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{843E8F2C-F061-47C8-A96D-14F71CA1139C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84900C4D-029F-4581-8E63-A941BEFDB14E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8496DB08-B601-479B-BC03-01EAF6222679}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84ECA3ED-A733-4A92-8712-110376C11F3F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84F4C2B1-3656-4A01-B6B1-D7673DA85D61}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{85D7C1DB-18D3-4E1E-9387-B58AD24640A5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{85DF2EF4-1704-4703-A52F-0E224D0D4BC5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{868D1329-23DD-4625-BEB4-4C3472A5409D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{86EB26E0-F613-417C-B2A4-83FA448A7320}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{86EFCC84-3A39-4D49-94C3-5DF8CE7E6B3C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87062ACC-024C-4F98-BD79-A11B933F4478}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87164A75-3E70-42DC-8F4B-7AE453C0D300}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{878B0272-A8D8-4296-9671-4C1AF933E72D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87B16D19-103C-43A1-976E-ACBBDBCCA931}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87EBE8E1-B55F-44E7-B223-7645FC69CEB0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8878DC10-3DC1-420B-B06E-BE22FABE23D2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{88B8DCD8-16A0-4C1F-8BDA-DC26141DE66E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{896FBCCC-9DF4-49B7-807E-310C2AC3D4BC}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{899F759A-EF76-4D93-9984-07329490D937}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{89BDDB2B-B5D1-4EAB-ABC7-1A5E03296EBF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{89FD712B-0A6F-462B-AA55-74F87EE7DE52}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A175EB8-A48C-4011-9A15-401F4C4D75B7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A40CE3B-5CD1-45F9-90B2-CB7C6DBC5940}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A440582-AC6B-4722-9019-E8B736E67049}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A516002-864E-43F6-A1D6-BEAAD7D86A53}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A82C5E9-F418-41D9-B241-B354907C0630}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8B11DA19-D355-475A-90C2-9DCE54BF18A8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8BEAC8B1-5DF4-43A2-BE91-1CCE5B37BC35}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8C0478AA-5AF1-4DD7-A1DF-E9CA372DE5B5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8C0CB7C8-69F4-47CB-A04D-F8969B418BAC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CA50352-02CD-4A61-BEF8-9EFE91E694EF}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CAFFCC1-E952-4226-9C05-A093D071BDA4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CEC78FA-7104-4B95-9C1F-F55C74D742D9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8D162BF6-E260-4FE0-97DB-80C0F6D6E2C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8D4E625D-269A-4587-8160-52B491AE950E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8DCE8782-F012-4DC0-8A84-E6F693E59AFD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8DF7F9F3-6A0B-4668-8780-3D7D659A61C8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8E727A47-BECE-49C9-8E15-BF3DF25526E8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8EFCB7A5-6604-4BE1-AF88-CF4674510AF8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F2991E4-3B97-40C8-B198-4C6A9301B7C7}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F44669B-1CDB-4FC7-8BF6-D8AECB8D24CC}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F834FC8-C818-40CF-87A5-50A6E93A12F9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8FD16615-9B5F-4D41-A72C-84BA46A65DB8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{901FADFA-5A12-467A-A502-2E5EFB500E31}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{90243A7C-E6FA-4FBD-9786-D26F1B405A52}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{904D8314-74A2-4216-BC94-68ACBA054EDD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9078834E-F939-4F14-BC20-0F206F1BFC1A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{907C2347-DC9F-487B-819F-3D0E8137CCFD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{907DCCEC-8644-403B-B818-6EF2CF029E0D}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{91516F77-36E7-4EEF-B8FD-A47BD2812E1E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{92302EA0-8820-4D35-829A-3456DB0C6807}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93018CBD-C5A0-469B-9E0A-BE7A408494D7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9320A51C-3F77-45CF-A3DB-2CD219F3419E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93218CF6-B776-47AF-85CB-8753DABC0071}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9358FD55-2D08-441D-99FB-458D4C1C5F7D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93964CF8-4D65-440A-91D6-49C99EC04B11}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93E5DF4C-DA47-4A55-8168-682EAA2F22D7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93E8F88B-4382-42B0-979B-23FDF9DD8A8A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{943A84EE-7A0B-4E2E-BC2C-22E02DD95361}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9461755F-0B0E-4395-823D-795818C46787}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9467F031-6A9E-4148-A57E-C2BC59711C8E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95341F39-0432-4A8E-900E-833BCB5C05D9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{957FD45C-4927-4284-BFCC-0577A2A5D862}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95CF6F3B-8A0D-4638-824A-05458C00C0EE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95F8047D-A66A-43F5-A9B5-5F9BC96A82B6}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96148E24-3453-4290-8157-A0D025AA6877}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{967594EE-29AF-4457-911B-CFEF648F9B00}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96A887A9-BEDA-4D95-9D39-6245CBE4E68B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96E0F380-31E9-41B3-8C0E-103F3D8B9F60}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{978307F8-DBC6-4FE6-B913-E3BB84F694E4}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97C27BE4-15B0-4E76-AB33-66D1E0B79AC0}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97E0C2E7-874A-43D2-9C0B-AC5FFBFD986C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97E5678B-D5DF-4337-B031-A0A54D6C0E15}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{98352A9F-C3F5-45F0-A9FC-04A5D92105C2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{983E6766-CA09-4684-9930-5270F965CA3F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{986CE891-B921-4DBA-A5EE-943C0599C208}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9900DA68-1FEC-4B77-9573-BB02A95BB164}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{99072F42-4951-466B-B93E-1C4AC00E869C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{994A40D3-C924-4F7E-9BB8-3B87B480DBE9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{99F29D2D-AA95-4751-B4F3-1970FE5F7FEB}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9A3BA603-4E45-42AC-961D-E0F7508302E5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9A4276D3-783E-4047-BF4B-E48C9F1D3487}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9AD66AFC-E306-4991-BEA8-E661A8D218F2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9B3C630E-9D3D-48F5-BCEC-93E77F3EB416}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9B5B0B13-6BA9-4CC6-9CB5-E335B7575C82}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C0858F6-5351-46C6-9DB1-C4275D7B9D2D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C2EE702-927F-41F5-8A65-BCDAA4F925C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C433FF7-373F-4A1F-84C1-CACA2B0CF800}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9CAC8236-F474-4C39-BD6B-EE104FAA8E82}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9CFEFF33-8DBA-44CA-BE2B-0D062E4A3646}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9D374D1C-BE47-49C5-8CDA-561EA0553ABE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9DB0416E-6B15-4BD7-AD80-9238ED7C4F2C}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9DECC4C0-3B2D-4B83-ABD0-78BC60425D07}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9E2336AC-D061-4379-A015-2EB7B086CB19}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9E9E80F4-F154-4268-8506-59A2A34AA13A}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9EEAF30C-4AED-4CD9-9426-DCF204FA3686}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9F755576-D308-45CF-A890-604FB63CF46F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A02B0737-570A-408E-9A82-341ADA271379}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A09BA0F0-EAFB-4BBD-956E-C6F106310EBA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A0F9FAE5-D828-4EA5-AEFF-08E94656FD49}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A119C999-172A-45AF-B73E-6CA195558D55}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A11F99B7-B08F-4995-A1EC-293A07B37BC0}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A14161AF-B2CC-4E6F-A895-2F4DBE100FB5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A17A98D0-468D-48FB-947C-45844897D9F4}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A1C3C351-8D8B-4119-9466-DBD81273DBB5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A232614B-190C-40F9-9C70-B1B73D8C0B8C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A28E6A6D-151F-4314-9DF3-C7B337098566}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A29B5E96-D573-4C86-8A38-8EEA966326A8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A2BC224B-383D-4DE2-A490-DC8A83B2009E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A31F6E25-EC14-4F28-A027-3604F497CF38}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A3250FAE-BC1C-4647-9AF9-AD699B0E8505}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A32F557E-60CC-43E6-9A5B-11B447F6CF68}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A34D1920-B895-4D17-9B9C-794FF43E1B52}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A41CA795-3E58-4E78-8377-CE501A243E73}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4A3F1FC-E83F-46C7-88D9-895D566B1517}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4BE68A1-002D-4A13-8C22-3BBD1CC94F77}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4E9E46F-330A-4917-9213-A3CD3BF7F833}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A5146131-30EE-416C-8AE3-B0B25E4D4562}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A53A1674-4601-4F94-B2C7-5CD52760E1E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A556DCBF-B5E0-48EE-BBB0-9EEA451969D9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A56889AD-4677-4CCE-8B29-32EA5FE026CF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A6169526-5387-4ECE-9E03-404ADCE06165}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A6517837-ED0B-42EC-88EB-528E7C6CC08A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A68AF866-0B77-471F-9570-D8A562FDA633}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A72D6FA9-F950-4FD0-B222-FB0675343CBF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A83035C1-C144-4DCB-AFE0-090B6FB26881}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A83BA616-B7EA-41F9-9E13-D922BC9E24BD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A859C38F-B707-48AC-AE42-24C2218BD363}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A86E159D-2D9E-4D10-8351-5DC5C1A57C8F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A8AD5CE3-CF3C-4D8B-8D9A-FE7D31B1F193}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A9244409-0AB1-465A-A33B-55637247DCD4}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A9441770-D4EF-48DF-9FE3-6C42CF015EB0}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA2D9DD6-52C9-4526-A77B-938434169462}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA33AE77-55BA-40B8-8F93-AE48A85BB0C9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA5C1619-1B7D-41FF-805A-B4CBD66A0FFB}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AAC1B2E0-C352-418F-AC3F-F5E754C4E965}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AAE2EFF2-E6B0-49D4-8C7B-500B25EF3CD8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC10FECD-88B0-4ABB-8D7A-028315F8777D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC1BE877-A483-4CB7-A8A9-9DCCCA486CFD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC359AF7-4522-42C0-A520-8029E6E08BF1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC6A0E5C-B865-44FA-AEE5-BEDEAFFDDC07}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC97ADCB-C9A3-46E3-9DDE-A579465D341C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{ACBDFDCA-D312-4EAB-A446-81AE393D5A46}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{ADEE0043-CE8D-4363-A8CA-E55D0148C662}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE005C18-35E8-4E32-815E-CA53A29CE902}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE3D02A7-9252-496C-8617-6870365CF64C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE9FE68E-DAFD-48A7-9FA4-670615E3A758}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AEDBB070-85E5-40C7-92EB-4F0BC06A3530}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AEFC01E7-9960-49E0-9BD2-A4DD91A9C433}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF1CD246-B940-471C-9162-67DE194C5160}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF412EFF-B156-43F7-B190-BEF973A8D290}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF829AE3-F2B9-4F93-A34D-0A8AE5B89BA1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B008B2C6-C2DF-493A-8899-6D4A2A186C04}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B138CBA4-1513-4758-BCA8-A18D2EE38433}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B1B5736E-0783-4F4B-8FDC-309BB2C2EE14}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B23D0E1F-7569-4CC0-A826-17B03AA0CA0D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B2AD2547-FC41-46F9-B947-611539CDB4EE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B33CCD49-FFBD-4268-8367-3702A8EA5C2A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B3F2280B-7A93-41A2-9C9C-7951501D8183}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B408AF34-DB83-4553-9DC8-F439012532A8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B4A3A722-2392-4DB1-BE3B-528F4C97FC31}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B5B986B9-411F-4A83-86E0-F80C391DED07}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B5C956B9-AEA7-4831-A19F-9770ED1DCD45}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B682ACD6-B2A1-415B-A58E-7B8C906813E6}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B684AE2E-388F-4827-819E-E82716ACB1FB}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6920E01-0E23-4A4F-9235-C31D58EFFEC9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6B38303-2E67-402D-AE47-868C60FC7EEE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6C525BB-EB3F-49B3-957A-785920506786}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6CF145A-0C0F-4BE0-940A-1FDBE3E0F398}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6D4937C-72D5-4FB7-82C0-46E4AC9FEC8C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B75DA7F8-4FF2-4753-A99C-76178D4984F3}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B797D5D7-13BD-400F-AF20-D630F040713C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B7ED5123-57A9-4496-8C2F-2497AB38D52C}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B84C213D-EA1D-4DAA-8CCE-3464298A62EA}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B857A43F-4B7B-43DB-A56D-F4C1468448C9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B85CF1B3-8B88-4B30-BDE0-FEC4BFC2A6E7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B863042C-422F-4E21-8C69-A8D95D8D7C0A}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8A59136-2D8E-4DE4-9241-DDD40C4E9148}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8AF563B-ECF0-42BA-90FA-8975C269F225}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8B6DF3C-477F-4AF1-AC19-55347D515E1B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B9694810-BEE5-4EDB-9D8E-37957B0919CB}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B9B79E1A-EEFA-498C-9771-397E52650B69}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA57122D-C496-4F77-9CD9-2EC5B05446C2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA6B5921-10F5-4F8A-97BC-EE2B82B109E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA81E5AC-2465-4A25-9A59-4B6D64475087}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA93A772-96AC-4BC4-9D62-40030600F2EF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BAD3A6B9-662C-4614-9BF3-5CA293C17E79}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BADF71CF-0CDA-4249-9639-84D241BAF14D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB1C0A9C-0C20-4FBD-95E6-596361404242}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB853883-B08B-4FF0-8397-7DB153D27CE8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB99D2BF-46F0-4D56-8FC2-29B55F7787DB}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BBE2AE66-405E-4491-9BFA-269940E405A5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BBE5AA22-F19B-49B1-8715-145B91825CBD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BC83A555-B465-4D29-8CB1-929DC8930AC2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCCCFEF3-5BD7-458C-A66F-2A848BA4D13E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCF5BBFC-032A-4490-B15E-791F27A2581B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCF89071-1CEB-484B-9394-1F9B6E393A0B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BD069BDA-BABB-42C0-9E45-B2245C4B95D5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BD3E33B9-CEBD-4BF5-A55C-8062D61E59A0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BDDB4962-66F9-4164-98F8-3ED44F8F2D3C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BE9B1964-9DFB-44C3-9ECD-8B4744A3AAB4}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BF3F8110-CAEB-49B3-B206-E486D3CD0C7B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BF4482C2-3263-4F18-A89D-B037102E0F41}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BFE5E831-B5F6-4965-9527-859F78C8C14A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C02083D6-6134-47B0-B62D-F2C76AADFC3A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C022453C-E1F3-48E1-99C5-1311AFF1E4E5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C0C3278A-1994-4793-A7AF-DADFA77E7520}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C0C3DBEB-6B46-48F2-8441-FE6323DFFDEA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1112C85-88B1-4186-B567-CD3578FE8DD8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1230AF7-5A81-4B12-BAF2-CB756BC673A2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C14A1671-7D82-40A8-926A-BAFAB26038B9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C14C24AA-E984-472E-99FC-F95D6840A3D9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1CD5932-6DD6-4B72-B9A2-D15A61A72F2B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C23BFE3A-46EE-4701-884B-869AF1ED23E7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C26F5AF9-6CB0-4C89-B351-AFE91E6E6FAA}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C29C35D4-BFBF-40A8-925A-0728E4789C89}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C3464C00-3497-472D-8927-EF8C33031E15}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C41F2550-0B64-47FE-9547-863677B6F672}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C4326B14-D5DD-40A7-A661-C4FD43D1C89C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C49FBF0D-C57B-4704-82D6-4CF44A746A6B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C4CFB19B-E8BA-49CD-B69F-A74C29725359}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C52D8BC1-043D-4A22-9C48-6BF2D1E87B18}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C5501156-950F-4B56-95C4-9AAE37D87981}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C55BD2A4-6D19-4AB1-ADB0-E1EF2267BB11}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C5B33E08-E9C0-4B19-AE54-4ABB67291FC2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C62CF2A7-90D8-4B3F-B005-99809C75F579}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C631959D-098C-4A40-9602-A9E198C37CC8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C674BBE7-3194-4C09-B2BF-9A8264A0D173}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C69D3334-6D11-4AEB-B7EC-45ADA3B630D8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C6DD882D-856E-4E61-A271-6DAB5C8D9FD6}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C6E5C774-2C97-412B-BFC3-C180086F1705}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C76C6BE8-C020-49FE-AE15-E2D388B4E955}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8057749-493B-4C87-AE2C-1342A2A9D395}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C81CA9A8-AC0B-409F-9696-C9DF7705747E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8494717-7CE7-4B90-B2F8-ACE962A7F43F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8679A99-5565-4527-B813-D0DBA0F59C9C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C90C2B56-68F0-4B43-AC85-AF9D1307C386}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C9BE45C1-8317-4CB1-B037-F34FEAD0A85C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C9D386F1-8CCD-4E22-93DF-81924D469EBE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CA25089C-309A-4D4E-A1FB-CD0664BD7BA7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAA3027D-E814-41D7-BE23-4E006A367D38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAB6B9AE-858D-4B67-BEC3-62357975901C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAFD3AD5-2E66-4413-ADFC-E67156520DC4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB181E95-E841-4799-A3DF-6DBE932AF4C4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB891DE6-88C0-4F7B-8C39-738F369F8249}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB93E146-31C8-4074-BF8C-AE9EF8780B5E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CBEF61F1-B07F-485B-8756-162A806B157C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC1D089D-24E5-4323-BD5E-0B2AFB271963}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7745DC-40C3-496F-98B9-C3CA4107B7C5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7809C9-0D65-46ED-B028-A68E733A95D8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7CDC8C-E52A-4CAC-8C28-D8A03D547992}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD0051A7-8BFF-4047-9011-17825D8DDAB9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD4F2680-40D1-4C22-AF2B-F8F323B3CB4B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD9962BF-9A36-44EA-B4B3-7FB626C7B9BA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE0D3CB6-CA9F-4BE7-8626-1CBC7FCA6FA1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE0F0CA1-220A-405D-A2AD-C89C83316D0B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE386288-BCCF-4884-93F9-A13F4A4B600D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE4EAF12-8296-4446-B2E8-654F586E6230}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CED763E9-0E37-4174-B66F-D56EEE8E5A94}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CEE69F66-C836-4706-B0CF-FF28C60E2645}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CF2372AE-853B-41E2-82FE-9A895795E9D1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CFAD3F05-745A-4E40-82A1-D51B90C472AE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0070A5B-EF65-4920-889F-49415D99368D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0080466-5F38-425F-80E4-5A30E9CFBB31}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D02BBF9B-9379-4503-BD42-852C18FB60A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0591913-DCE6-4C65-B946-FF9D2DE15F72}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D08B0274-E77A-49D1-86E2-C51D2B7CB001}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D09682B8-57F2-4754-9DA6-67B48D27668C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D09AD5BA-5279-4182-96E5-333DA38CDD38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1B7B612-66EC-4417-A2DA-8A4CCE12710D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1C6F91E-0BFA-4A05-9266-E4645920BFA2}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1F72B69-93AA-4945-A14D-9CC2DBF2D906}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D20E2119-8511-4D3D-89C5-99A802DC42DA}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2482FAE-01F1-47F6-A302-1B72EE03FC50}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D263BFD0-D764-49D0-8625-46E90C042A4E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D29932C5-5CFF-4BCB-A14F-75EF5B6CEC9B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2BE8EC9-F416-4CCE-BD29-328C64A3C4C1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2F40F37-E254-47DF-B70D-5B735177A040}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3010AE2-ED0F-4D59-AC98-7D9A59CC36A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3713FBF-12B6-49B7-AEEC-9940E89D9A1E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D38A70E9-0583-4BA0-904A-414727EE50C8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3BEE952-6C7B-4E84-BE8E-E78E68127C48}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3CDA4C1-DB80-476A-BC22-354A7F01A386}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D402A3C9-82CD-4690-8C00-B7C6A21F1FEA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D40D98B5-CD37-48F4-B5F4-11A7DB80DEE6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D418E946-E0D4-4A3C-8E48-EBA1D49A0C1F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D4347701-8443-46F4-8A70-A60D03DAADCD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D46F638B-2DDD-4068-9CC9-0D95FEBC42E3}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D4A07F93-D66A-4D24-AC32-FF6D39D040EE}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5384D54-360C-42D5-8EF5-309E084DBF3D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5F6161E-A3DF-416B-BC55-46DD3FA51420}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5FAD5E8-3833-4BB4-8AA8-DB3FBC27513F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D668817B-42FA-4280-A00B-C737C325E083}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D6E8232A-E5EA-4663-83A3-42E2CA75B35E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D6F47157-115E-4BF2-B905-AE0992306EC4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D70DF7C5-8DB7-4971-B689-CE163F6B53D1}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D76C0728-8308-44E5-8ABE-272F4251ABDD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D78F23CA-7588-4B68-AF1E-C182FAF08380}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7AE6FF5-4802-45DB-97D1-02BAFA93BB1F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7B52CC6-1A1F-41B9-9628-E38DE831735C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7F69073-27AB-4423-A372-C534D1B22EB5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8455E27-A773-4047-B8E3-0810AC7F86E1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8660492-A18F-48EB-A425-FD9303D917E7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D89C4407-64D6-4CE9-939C-6CB36BB5C63F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8E23417-E09D-40F5-8695-70218D2969A1}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8F2433C-688F-4A2D-B024-6EB260B9CE48}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D967EEC1-1995-4E98-B6BC-DE50D31ADAD1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D9727A2E-5BC5-48F4-836A-2AC63DE9A53A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D9A94EB6-815D-40FD-AD38-48E31FF74FFD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA10B4AE-421C-4099-8294-8CE8EDBFF5A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA338A2B-3500-4B90-88F3-B3583FED99A6}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA37B383-9360-4440-8D63-88FBBFC50EE2}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA6EC4A6-0F90-4102-9A31-4976A80A2FD9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DAFD6BCE-3A98-4D70-B429-EBA5FF08145F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DB93D01F-932F-4BDB-89A6-BC8C9D2C1273}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC143ACD-0D37-451F-AFD9-37E11FFB36F6}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC27DD9A-4779-4D11-87C9-D9803891B03C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC65B7F6-3EFB-417C-884D-B9E0F8F09BCA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC75168D-E4CA-4B12-9CAF-CCBCBF7747AF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC986D4F-131C-49B0-831F-4CF295EFF03B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DCDB4CC1-F811-460B-9919-DB0B23790389}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD3B9541-7681-4AD3-9DB7-DDC3E1DA80C7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD683969-6299-4CD6-802D-541A6B306508}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD688D3D-8A83-478D-9D84-3C7DD3784D61}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE550B2E-9DBE-4930-905F-F40B4F3BD2DD}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE675CB1-4E10-4EE5-AF38-46F2823A3595}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE95D94D-470F-496B-A25A-3E5B8C2022F8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DF4F7649-0671-47FB-AE78-2C1A20ADA92A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DF629DB4-BE92-4B38-B195-056ED92F5494}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DFA776B9-594C-42FF-BB22-F5E976D47A0F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E007BA04-5E86-484F-864A-086A34BEA4BD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E009F5F8-9A1F-4502-B3B3-5FC7585A999C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E0592056-5ECF-4090-B980-DD2E3B1C396E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E13F958E-B72C-45A4-A2C2-6F8CC5F44CCD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E159C6CD-8128-4BC3-AA78-3DD5B9F74790}.exe -> Trojan.Puper.bx : Clean
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:01:00 PM, 8/27/2006
+ Report-Checksum: AF1EA23F
+ Scan result:
HKLM\SOFTWARE\Classes\Media-Codec.Chl -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Media-Codec.Chl\CLSID -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CLSID -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CurVer -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1 -> Adware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\cam.VAN\Cookies\cam@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP841\A1870675.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP845\A1876741.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP850\A1877882.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP850\A1877892.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880949.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880952.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880955.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880956.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880957.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880958.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880960.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880963.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880964.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880965.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880966.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880967.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880968.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880969.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880970.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880971.exe -> Trojan.Puper.bx : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880972.exe -> Downloader.Agent.uj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880973.exe -> Trojan.Small.gq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880974.exe -> Adware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP853\A1880975.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\yazfj.exe -> Trojan.DNSChanger.ef : Cleaned with backup
C:\WINDOWS\SYSTEM32\{018E735E-52FE-457D-B732-5C7784CF8962}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{12C26808-CDB2-4273-9FD8-5AEB4493AE2E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{1C6524D8-231C-47D0-B36C-FCCB93EAD282}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{1F6808BB-8B70-401B-BBDC-9256A7905272}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39ABAADB-7714-4A96-846E-A6BB6FFAEE80}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39BC2CE8-38B1-469D-B810-29C2ACD3FE35}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{39DBE0DF-82B9-42DB-A1EB-0D91B1028288}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3C56AD23-8067-4D81-A59D-83E764B111F0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3EB28F59-7168-4624-AC1D-978299C9E689}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{3EFF3B1E-A27D-4A04-94A7-DA3C962645D8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{42997659-970D-4462-B034-8F6239FA8A57}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{4BD10F2A-1BBB-4683-8D86-422359A411E5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{52928881-7A67-48A2-BD8C-4E2E52BB66F1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{53EF551A-E6A3-4A6B-8A60-615132E2F91F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{54641394-6960-4185-A460-F3F253973202}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{5C148BDB-357D-43DE-A01D-BFA0A10A236E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{5F1F3529-AD2C-4C4F-9F7F-FC3268EE70C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{628E7E5C-7BF4-40D4-8A0E-90595C1F3AED}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6786AF22-BA3A-4A7E-88EF-E1C485EAF705}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6842F2AA-4550-4B6F-BB98-8085150ECB52}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68553E5E-A7A1-412D-BFDC-0FC64DC48B16}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68798E7D-0B90-4853-949D-AD59B892017E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{687CF64B-74AF-4D35-8E76-5CF2D2868C87}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68B6AA09-73CE-405E-B76C-29AE06D4E1E5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{68CDCBEA-ABDE-4C64-9823-B8C17C082FE4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6915C9E9-785B-420F-919B-409A96041D4F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6936BFCD-64DE-41C3-A586-B1F92CB3B63A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{69A820EC-A526-442B-9769-4E8853104C83}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{69F3322F-9B0B-4B30-95A8-D46A0D1C7461}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A06B334-A8C5-4ED5-ACF0-D6C68F14B166}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A2E5CA4-C3E2-4692-9FF6-84A2728D5E83}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6A32A253-4B83-44E8-8F18-FE7260269DCF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B0E2885-B06B-4938-8AA9-B8776093050C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B23D082-E7C0-449A-85DA-CCA591833FF7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6B3D575A-3006-4DE5-B70F-10E28CD96A2E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6BC931D0-2487-4BDF-A99B-8317B0917539}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6C1774E3-784D-4E85-9535-E474E263D70C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6CA28158-A7DE-400C-BF9A-FF7BF74DAFFA}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6CA336CE-278C-4F56-B9FC-BD30C9608318}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6D176248-FD09-4284-A69A-5C5CB4A2CCD2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6D6D697B-020C-4949-A1D3-23C0532677BE}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6DB21FCE-C4A7-4BA8-80CB-C2F8BA5815FF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6E420800-BE20-4285-8E2D-A596381C765A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6E96C793-96EF-41F6-8E84-3C9284A5A19C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6EDD1063-D087-405D-8E43-90FC88C00522}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F0E01D7-BC91-4C0D-B838-8BC631E469D8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F3A4106-E017-41FC-A4FB-4BCBF8AA1A0A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F492CDD-E702-4E54-8AEE-112AFFEBA3AC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F7CC322-F0C0-485B-B8C8-C7A24DD6DDCE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6F975467-E568-43E1-8B7A-94BC54ECEC1B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{6FBC52AF-5ACC-43F1-87ED-37ED4CA8E0AD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{704821CE-6DAC-46DB-B99E-56235E52D5E3}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{70E92700-B7EC-4AC0-9F01-CD00CAF50A6B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{710B7EFE-1046-4630-9A87-6FEEBE4FA06B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{711E7389-27D6-44B7-B373-77803556461B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7163BB24-2993-434E-A0FF-A8AD5C2725C4}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{71C49628-931B-4194-8726-7946C01E76F3}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{71F9444F-8DE2-468F-BE7A-B2F9FDD65C56}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{722B4509-1B76-4905-9EC5-2579FD6A2E4D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7231E33F-96E3-4A84-9F7E-E85708699689}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{726AA803-00FB-4B7D-89FD-44CB737E590D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{72CAE1F0-FB6A-49B6-9910-201446B6E6FF}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{72F26744-E711-4965-85E2-EE852CA2CC08}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{734258C6-7A02-40A0-ADE7-EA54A845091D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{73E864D8-7E89-435A-BE5C-3D81E166441F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74004A8C-365C-4FC6-AD35-CB6184102B4A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{743C8A7D-932A-47A3-8D98-458044BF0E83}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{747FA1F0-6331-4C3D-AE49-A4A3060D94C8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{749B2F63-2AA5-46FE-93BA-728DF76AB594}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74A3E6E1-F165-4196-AFB0-01B378E60B98}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74AD242F-3923-4D1E-9A84-8DCF0AA0EEEE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74CA5CF8-30EA-4C3A-9191-D504BC1FF57F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{74EFCC07-B5DF-41EC-8CF7-0C7C6CB116E4}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{759B5017-9CFA-4A49-BBAB-4CDB7CC91F02}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{75A2CF45-81E0-4564-886D-440AE292CF2E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{767353F3-9E68-475D-981A-BEF384600EBF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{76B0FF73-DAFE-45FE-83EB-CD93E94A6F51}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{76ECFEF7-2432-4703-B867-BF259B8F5651}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{772FBC52-5DD0-483A-9B87-F459EF696686}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77627312-D436-4CA5-9BA3-3514EA9E3953}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77915AF2-F38E-491D-98A9-6D217F9DB263}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{77F25245-77F4-4F1E-A5C3-A9DD6F5CE9DC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{78053A23-C579-4E5E-99DC-54C3FE279703}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{78260F31-480D-44FC-9FCC-BFB83DF59BD3}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{797C22D2-60A7-4409-ABBA-7D2E4A1A1427}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79A48E4B-C9D0-4A77-BF88-3087FC09D024}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79C15EAA-3E0B-44F5-905C-323BE390A6BA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{79D62BB4-BD8D-4C26-80A2-1AE79D643F68}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7A7076D6-7059-4409-A259-34E58358BCA5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7A7279E6-BF4E-40D0-85B4-9146679543A5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7AD68FE8-00F1-48C1-8DF5-91E774F0439F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B0FC25F-1585-45B6-B03A-C8E6EB162EC1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B17966C-ABB7-4DD2-96F8-0A2D9453E6C7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B66E10F-0A64-4A31-8D98-1E5EE90F6613}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7B6B0143-2CE2-472C-B29A-CE84FF705805}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7BBD5701-FD38-4D7A-9B93-95909CAC801F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7C7F79BB-26AB-449A-93F9-A9A74A4EF453}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7CE481CB-5EB3-41AF-9A31-E115770419BF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7D667CB1-E5CE-4E68-865E-B2C6426B0A5D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7DB02F7B-E5AA-42DB-A633-9060177610B6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7DBAEC20-C043-4DDF-87F9-704602AC677A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7E20A594-10FA-463D-8C76-7B17A9AD479B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7EAED3E9-CD51-49FA-9460-220A1F9B689E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7F328BFB-E8E5-4EF8-BAB3-5D70D02C869D}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{7FCC02F1-3CA5-4C90-B480-5B2E4F8E5C20}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8020A388-92F4-4260-B58F-A788E8921790}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8043FCE1-91DB-4B63-8BCA-A61452E51DD9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80478D94-325E-4935-9DD5-E9A156D4E277}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80B74489-6F6A-4015-967F-B801358EAA38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{80B7EFCA-B40A-4D93-A347-887F97A2BF12}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{81CFC8C7-B02F-407F-A69F-568E6DFF2740}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82152951-C177-4B37-9B70-EE20A852F344}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{821A9261-F431-46C4-9F05-31FA22CA30D1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82223ED5-B1CD-4A0E-92B9-7F5AF6219957}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{825148D2-D896-4171-8C86-B9F1BFDD0345}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{827765A0-87A3-48B2-BF15-8DA1EBF6282A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{828FC4B3-1475-4BE6-BC39-0CA56E7DB30B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82BC0F9A-C7D3-49DA-AC1F-DC94DBD4610F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{82F770BC-B61C-440B-9E40-5A11CE644A56}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{83425D44-5868-4F6B-9C26-329FEBB210CD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8360114B-1325-448C-A210-B61C1C1347E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8372CD08-B634-495C-9FBD-77BCE4ED3916}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{837E7E6F-EE25-4872-9534-046F95AE41B6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{839DB9ED-BA0D-4766-BB26-B4F3DC6FEB5D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{83E16694-C6F3-4B7D-84F9-3CC21DE74C80}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{843E8F2C-F061-47C8-A96D-14F71CA1139C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84900C4D-029F-4581-8E63-A941BEFDB14E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8496DB08-B601-479B-BC03-01EAF6222679}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84ECA3ED-A733-4A92-8712-110376C11F3F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{84F4C2B1-3656-4A01-B6B1-D7673DA85D61}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{85D7C1DB-18D3-4E1E-9387-B58AD24640A5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{85DF2EF4-1704-4703-A52F-0E224D0D4BC5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{868D1329-23DD-4625-BEB4-4C3472A5409D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{86EB26E0-F613-417C-B2A4-83FA448A7320}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{86EFCC84-3A39-4D49-94C3-5DF8CE7E6B3C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87062ACC-024C-4F98-BD79-A11B933F4478}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87164A75-3E70-42DC-8F4B-7AE453C0D300}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{878B0272-A8D8-4296-9671-4C1AF933E72D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87B16D19-103C-43A1-976E-ACBBDBCCA931}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{87EBE8E1-B55F-44E7-B223-7645FC69CEB0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8878DC10-3DC1-420B-B06E-BE22FABE23D2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{88B8DCD8-16A0-4C1F-8BDA-DC26141DE66E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{896FBCCC-9DF4-49B7-807E-310C2AC3D4BC}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{899F759A-EF76-4D93-9984-07329490D937}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{89BDDB2B-B5D1-4EAB-ABC7-1A5E03296EBF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{89FD712B-0A6F-462B-AA55-74F87EE7DE52}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A175EB8-A48C-4011-9A15-401F4C4D75B7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A40CE3B-5CD1-45F9-90B2-CB7C6DBC5940}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A440582-AC6B-4722-9019-E8B736E67049}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A516002-864E-43F6-A1D6-BEAAD7D86A53}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8A82C5E9-F418-41D9-B241-B354907C0630}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8B11DA19-D355-475A-90C2-9DCE54BF18A8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8BEAC8B1-5DF4-43A2-BE91-1CCE5B37BC35}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8C0478AA-5AF1-4DD7-A1DF-E9CA372DE5B5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8C0CB7C8-69F4-47CB-A04D-F8969B418BAC}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CA50352-02CD-4A61-BEF8-9EFE91E694EF}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CAFFCC1-E952-4226-9C05-A093D071BDA4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8CEC78FA-7104-4B95-9C1F-F55C74D742D9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8D162BF6-E260-4FE0-97DB-80C0F6D6E2C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8D4E625D-269A-4587-8160-52B491AE950E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8DCE8782-F012-4DC0-8A84-E6F693E59AFD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8DF7F9F3-6A0B-4668-8780-3D7D659A61C8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8E727A47-BECE-49C9-8E15-BF3DF25526E8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8EFCB7A5-6604-4BE1-AF88-CF4674510AF8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F2991E4-3B97-40C8-B198-4C6A9301B7C7}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F44669B-1CDB-4FC7-8BF6-D8AECB8D24CC}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8F834FC8-C818-40CF-87A5-50A6E93A12F9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{8FD16615-9B5F-4D41-A72C-84BA46A65DB8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{901FADFA-5A12-467A-A502-2E5EFB500E31}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{90243A7C-E6FA-4FBD-9786-D26F1B405A52}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{904D8314-74A2-4216-BC94-68ACBA054EDD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9078834E-F939-4F14-BC20-0F206F1BFC1A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{907C2347-DC9F-487B-819F-3D0E8137CCFD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{907DCCEC-8644-403B-B818-6EF2CF029E0D}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{91516F77-36E7-4EEF-B8FD-A47BD2812E1E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{92302EA0-8820-4D35-829A-3456DB0C6807}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93018CBD-C5A0-469B-9E0A-BE7A408494D7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9320A51C-3F77-45CF-A3DB-2CD219F3419E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93218CF6-B776-47AF-85CB-8753DABC0071}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9358FD55-2D08-441D-99FB-458D4C1C5F7D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93964CF8-4D65-440A-91D6-49C99EC04B11}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93E5DF4C-DA47-4A55-8168-682EAA2F22D7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{93E8F88B-4382-42B0-979B-23FDF9DD8A8A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{943A84EE-7A0B-4E2E-BC2C-22E02DD95361}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9461755F-0B0E-4395-823D-795818C46787}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9467F031-6A9E-4148-A57E-C2BC59711C8E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95341F39-0432-4A8E-900E-833BCB5C05D9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{957FD45C-4927-4284-BFCC-0577A2A5D862}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95CF6F3B-8A0D-4638-824A-05458C00C0EE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{95F8047D-A66A-43F5-A9B5-5F9BC96A82B6}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96148E24-3453-4290-8157-A0D025AA6877}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{967594EE-29AF-4457-911B-CFEF648F9B00}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96A887A9-BEDA-4D95-9D39-6245CBE4E68B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{96E0F380-31E9-41B3-8C0E-103F3D8B9F60}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{978307F8-DBC6-4FE6-B913-E3BB84F694E4}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97C27BE4-15B0-4E76-AB33-66D1E0B79AC0}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97E0C2E7-874A-43D2-9C0B-AC5FFBFD986C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{97E5678B-D5DF-4337-B031-A0A54D6C0E15}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{98352A9F-C3F5-45F0-A9FC-04A5D92105C2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{983E6766-CA09-4684-9930-5270F965CA3F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{986CE891-B921-4DBA-A5EE-943C0599C208}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9900DA68-1FEC-4B77-9573-BB02A95BB164}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{99072F42-4951-466B-B93E-1C4AC00E869C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{994A40D3-C924-4F7E-9BB8-3B87B480DBE9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{99F29D2D-AA95-4751-B4F3-1970FE5F7FEB}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9A3BA603-4E45-42AC-961D-E0F7508302E5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9A4276D3-783E-4047-BF4B-E48C9F1D3487}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9AD66AFC-E306-4991-BEA8-E661A8D218F2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9B3C630E-9D3D-48F5-BCEC-93E77F3EB416}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9B5B0B13-6BA9-4CC6-9CB5-E335B7575C82}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C0858F6-5351-46C6-9DB1-C4275D7B9D2D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C2EE702-927F-41F5-8A65-BCDAA4F925C2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9C433FF7-373F-4A1F-84C1-CACA2B0CF800}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9CAC8236-F474-4C39-BD6B-EE104FAA8E82}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9CFEFF33-8DBA-44CA-BE2B-0D062E4A3646}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9D374D1C-BE47-49C5-8CDA-561EA0553ABE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9DB0416E-6B15-4BD7-AD80-9238ED7C4F2C}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9DECC4C0-3B2D-4B83-ABD0-78BC60425D07}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9E2336AC-D061-4379-A015-2EB7B086CB19}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9E9E80F4-F154-4268-8506-59A2A34AA13A}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9EEAF30C-4AED-4CD9-9426-DCF204FA3686}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{9F755576-D308-45CF-A890-604FB63CF46F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A02B0737-570A-408E-9A82-341ADA271379}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A09BA0F0-EAFB-4BBD-956E-C6F106310EBA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A0F9FAE5-D828-4EA5-AEFF-08E94656FD49}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A119C999-172A-45AF-B73E-6CA195558D55}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A11F99B7-B08F-4995-A1EC-293A07B37BC0}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A14161AF-B2CC-4E6F-A895-2F4DBE100FB5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A17A98D0-468D-48FB-947C-45844897D9F4}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A1C3C351-8D8B-4119-9466-DBD81273DBB5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A232614B-190C-40F9-9C70-B1B73D8C0B8C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A28E6A6D-151F-4314-9DF3-C7B337098566}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A29B5E96-D573-4C86-8A38-8EEA966326A8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A2BC224B-383D-4DE2-A490-DC8A83B2009E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A31F6E25-EC14-4F28-A027-3604F497CF38}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A3250FAE-BC1C-4647-9AF9-AD699B0E8505}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A32F557E-60CC-43E6-9A5B-11B447F6CF68}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A34D1920-B895-4D17-9B9C-794FF43E1B52}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A41CA795-3E58-4E78-8377-CE501A243E73}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4A3F1FC-E83F-46C7-88D9-895D566B1517}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4BE68A1-002D-4A13-8C22-3BBD1CC94F77}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A4E9E46F-330A-4917-9213-A3CD3BF7F833}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A5146131-30EE-416C-8AE3-B0B25E4D4562}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A53A1674-4601-4F94-B2C7-5CD52760E1E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A556DCBF-B5E0-48EE-BBB0-9EEA451969D9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A56889AD-4677-4CCE-8B29-32EA5FE026CF}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A6169526-5387-4ECE-9E03-404ADCE06165}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A6517837-ED0B-42EC-88EB-528E7C6CC08A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A68AF866-0B77-471F-9570-D8A562FDA633}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A72D6FA9-F950-4FD0-B222-FB0675343CBF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A83035C1-C144-4DCB-AFE0-090B6FB26881}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A83BA616-B7EA-41F9-9E13-D922BC9E24BD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A859C38F-B707-48AC-AE42-24C2218BD363}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A86E159D-2D9E-4D10-8351-5DC5C1A57C8F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A8AD5CE3-CF3C-4D8B-8D9A-FE7D31B1F193}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A9244409-0AB1-465A-A33B-55637247DCD4}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{A9441770-D4EF-48DF-9FE3-6C42CF015EB0}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA2D9DD6-52C9-4526-A77B-938434169462}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA33AE77-55BA-40B8-8F93-AE48A85BB0C9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AA5C1619-1B7D-41FF-805A-B4CBD66A0FFB}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AAC1B2E0-C352-418F-AC3F-F5E754C4E965}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AAE2EFF2-E6B0-49D4-8C7B-500B25EF3CD8}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC10FECD-88B0-4ABB-8D7A-028315F8777D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC1BE877-A483-4CB7-A8A9-9DCCCA486CFD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC359AF7-4522-42C0-A520-8029E6E08BF1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC6A0E5C-B865-44FA-AEE5-BEDEAFFDDC07}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AC97ADCB-C9A3-46E3-9DDE-A579465D341C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{ACBDFDCA-D312-4EAB-A446-81AE393D5A46}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{ADEE0043-CE8D-4363-A8CA-E55D0148C662}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE005C18-35E8-4E32-815E-CA53A29CE902}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE3D02A7-9252-496C-8617-6870365CF64C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AE9FE68E-DAFD-48A7-9FA4-670615E3A758}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AEDBB070-85E5-40C7-92EB-4F0BC06A3530}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AEFC01E7-9960-49E0-9BD2-A4DD91A9C433}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF1CD246-B940-471C-9162-67DE194C5160}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF412EFF-B156-43F7-B190-BEF973A8D290}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{AF829AE3-F2B9-4F93-A34D-0A8AE5B89BA1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B008B2C6-C2DF-493A-8899-6D4A2A186C04}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B138CBA4-1513-4758-BCA8-A18D2EE38433}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B1B5736E-0783-4F4B-8FDC-309BB2C2EE14}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B23D0E1F-7569-4CC0-A826-17B03AA0CA0D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B2AD2547-FC41-46F9-B947-611539CDB4EE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B33CCD49-FFBD-4268-8367-3702A8EA5C2A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B3F2280B-7A93-41A2-9C9C-7951501D8183}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B408AF34-DB83-4553-9DC8-F439012532A8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B4A3A722-2392-4DB1-BE3B-528F4C97FC31}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B5B986B9-411F-4A83-86E0-F80C391DED07}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B5C956B9-AEA7-4831-A19F-9770ED1DCD45}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B682ACD6-B2A1-415B-A58E-7B8C906813E6}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B684AE2E-388F-4827-819E-E82716ACB1FB}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6920E01-0E23-4A4F-9235-C31D58EFFEC9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6B38303-2E67-402D-AE47-868C60FC7EEE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6C525BB-EB3F-49B3-957A-785920506786}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6CF145A-0C0F-4BE0-940A-1FDBE3E0F398}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B6D4937C-72D5-4FB7-82C0-46E4AC9FEC8C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B75DA7F8-4FF2-4753-A99C-76178D4984F3}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B797D5D7-13BD-400F-AF20-D630F040713C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B7ED5123-57A9-4496-8C2F-2497AB38D52C}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B84C213D-EA1D-4DAA-8CCE-3464298A62EA}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B857A43F-4B7B-43DB-A56D-F4C1468448C9}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B85CF1B3-8B88-4B30-BDE0-FEC4BFC2A6E7}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B863042C-422F-4E21-8C69-A8D95D8D7C0A}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8A59136-2D8E-4DE4-9241-DDD40C4E9148}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8AF563B-ECF0-42BA-90FA-8975C269F225}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B8B6DF3C-477F-4AF1-AC19-55347D515E1B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B9694810-BEE5-4EDB-9D8E-37957B0919CB}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{B9B79E1A-EEFA-498C-9771-397E52650B69}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA57122D-C496-4F77-9CD9-2EC5B05446C2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA6B5921-10F5-4F8A-97BC-EE2B82B109E2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA81E5AC-2465-4A25-9A59-4B6D64475087}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BA93A772-96AC-4BC4-9D62-40030600F2EF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BAD3A6B9-662C-4614-9BF3-5CA293C17E79}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BADF71CF-0CDA-4249-9639-84D241BAF14D}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB1C0A9C-0C20-4FBD-95E6-596361404242}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB853883-B08B-4FF0-8397-7DB153D27CE8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BB99D2BF-46F0-4D56-8FC2-29B55F7787DB}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BBE2AE66-405E-4491-9BFA-269940E405A5}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BBE5AA22-F19B-49B1-8715-145B91825CBD}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BC83A555-B465-4D29-8CB1-929DC8930AC2}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCCCFEF3-5BD7-458C-A66F-2A848BA4D13E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCF5BBFC-032A-4490-B15E-791F27A2581B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BCF89071-1CEB-484B-9394-1F9B6E393A0B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BD069BDA-BABB-42C0-9E45-B2245C4B95D5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BD3E33B9-CEBD-4BF5-A55C-8062D61E59A0}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BDDB4962-66F9-4164-98F8-3ED44F8F2D3C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BE9B1964-9DFB-44C3-9ECD-8B4744A3AAB4}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BF3F8110-CAEB-49B3-B206-E486D3CD0C7B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BF4482C2-3263-4F18-A89D-B037102E0F41}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{BFE5E831-B5F6-4965-9527-859F78C8C14A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C02083D6-6134-47B0-B62D-F2C76AADFC3A}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C022453C-E1F3-48E1-99C5-1311AFF1E4E5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C0C3278A-1994-4793-A7AF-DADFA77E7520}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C0C3DBEB-6B46-48F2-8441-FE6323DFFDEA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1112C85-88B1-4186-B567-CD3578FE8DD8}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1230AF7-5A81-4B12-BAF2-CB756BC673A2}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C14A1671-7D82-40A8-926A-BAFAB26038B9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C14C24AA-E984-472E-99FC-F95D6840A3D9}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C1CD5932-6DD6-4B72-B9A2-D15A61A72F2B}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C23BFE3A-46EE-4701-884B-869AF1ED23E7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C26F5AF9-6CB0-4C89-B351-AFE91E6E6FAA}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C29C35D4-BFBF-40A8-925A-0728E4789C89}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C3464C00-3497-472D-8927-EF8C33031E15}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C41F2550-0B64-47FE-9547-863677B6F672}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C4326B14-D5DD-40A7-A661-C4FD43D1C89C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C49FBF0D-C57B-4704-82D6-4CF44A746A6B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C4CFB19B-E8BA-49CD-B69F-A74C29725359}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C52D8BC1-043D-4A22-9C48-6BF2D1E87B18}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C5501156-950F-4B56-95C4-9AAE37D87981}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C55BD2A4-6D19-4AB1-ADB0-E1EF2267BB11}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C5B33E08-E9C0-4B19-AE54-4ABB67291FC2}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C62CF2A7-90D8-4B3F-B005-99809C75F579}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C631959D-098C-4A40-9602-A9E198C37CC8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C674BBE7-3194-4C09-B2BF-9A8264A0D173}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C69D3334-6D11-4AEB-B7EC-45ADA3B630D8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C6DD882D-856E-4E61-A271-6DAB5C8D9FD6}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C6E5C774-2C97-412B-BFC3-C180086F1705}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C76C6BE8-C020-49FE-AE15-E2D388B4E955}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8057749-493B-4C87-AE2C-1342A2A9D395}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C81CA9A8-AC0B-409F-9696-C9DF7705747E}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8494717-7CE7-4B90-B2F8-ACE962A7F43F}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C8679A99-5565-4527-B813-D0DBA0F59C9C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C90C2B56-68F0-4B43-AC85-AF9D1307C386}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C9BE45C1-8317-4CB1-B037-F34FEAD0A85C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{C9D386F1-8CCD-4E22-93DF-81924D469EBE}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CA25089C-309A-4D4E-A1FB-CD0664BD7BA7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAA3027D-E814-41D7-BE23-4E006A367D38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAB6B9AE-858D-4B67-BEC3-62357975901C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CAFD3AD5-2E66-4413-ADFC-E67156520DC4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB181E95-E841-4799-A3DF-6DBE932AF4C4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB891DE6-88C0-4F7B-8C39-738F369F8249}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CB93E146-31C8-4074-BF8C-AE9EF8780B5E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CBEF61F1-B07F-485B-8756-162A806B157C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC1D089D-24E5-4323-BD5E-0B2AFB271963}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7745DC-40C3-496F-98B9-C3CA4107B7C5}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7809C9-0D65-46ED-B028-A68E733A95D8}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CC7CDC8C-E52A-4CAC-8C28-D8A03D547992}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD0051A7-8BFF-4047-9011-17825D8DDAB9}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD4F2680-40D1-4C22-AF2B-F8F323B3CB4B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CD9962BF-9A36-44EA-B4B3-7FB626C7B9BA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE0D3CB6-CA9F-4BE7-8626-1CBC7FCA6FA1}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE0F0CA1-220A-405D-A2AD-C89C83316D0B}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE386288-BCCF-4884-93F9-A13F4A4B600D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CE4EAF12-8296-4446-B2E8-654F586E6230}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CED763E9-0E37-4174-B66F-D56EEE8E5A94}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CEE69F66-C836-4706-B0CF-FF28C60E2645}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CF2372AE-853B-41E2-82FE-9A895795E9D1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{CFAD3F05-745A-4E40-82A1-D51B90C472AE}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0070A5B-EF65-4920-889F-49415D99368D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0080466-5F38-425F-80E4-5A30E9CFBB31}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D02BBF9B-9379-4503-BD42-852C18FB60A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D0591913-DCE6-4C65-B946-FF9D2DE15F72}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D08B0274-E77A-49D1-86E2-C51D2B7CB001}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D09682B8-57F2-4754-9DA6-67B48D27668C}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D09AD5BA-5279-4182-96E5-333DA38CDD38}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1B7B612-66EC-4417-A2DA-8A4CCE12710D}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1C6F91E-0BFA-4A05-9266-E4645920BFA2}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D1F72B69-93AA-4945-A14D-9CC2DBF2D906}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D20E2119-8511-4D3D-89C5-99A802DC42DA}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2482FAE-01F1-47F6-A302-1B72EE03FC50}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D263BFD0-D764-49D0-8625-46E90C042A4E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D29932C5-5CFF-4BCB-A14F-75EF5B6CEC9B}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2BE8EC9-F416-4CCE-BD29-328C64A3C4C1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D2F40F37-E254-47DF-B70D-5B735177A040}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3010AE2-ED0F-4D59-AC98-7D9A59CC36A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3713FBF-12B6-49B7-AEEC-9940E89D9A1E}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D38A70E9-0583-4BA0-904A-414727EE50C8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3BEE952-6C7B-4E84-BE8E-E78E68127C48}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D3CDA4C1-DB80-476A-BC22-354A7F01A386}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D402A3C9-82CD-4690-8C00-B7C6A21F1FEA}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D40D98B5-CD37-48F4-B5F4-11A7DB80DEE6}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D418E946-E0D4-4A3C-8E48-EBA1D49A0C1F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D4347701-8443-46F4-8A70-A60D03DAADCD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D46F638B-2DDD-4068-9CC9-0D95FEBC42E3}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D4A07F93-D66A-4D24-AC32-FF6D39D040EE}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5384D54-360C-42D5-8EF5-309E084DBF3D}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5F6161E-A3DF-416B-BC55-46DD3FA51420}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D5FAD5E8-3833-4BB4-8AA8-DB3FBC27513F}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D668817B-42FA-4280-A00B-C737C325E083}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D6E8232A-E5EA-4663-83A3-42E2CA75B35E}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D6F47157-115E-4BF2-B905-AE0992306EC4}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D70DF7C5-8DB7-4971-B689-CE163F6B53D1}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D76C0728-8308-44E5-8ABE-272F4251ABDD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D78F23CA-7588-4B68-AF1E-C182FAF08380}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7AE6FF5-4802-45DB-97D1-02BAFA93BB1F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7B52CC6-1A1F-41B9-9628-E38DE831735C}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D7F69073-27AB-4423-A372-C534D1B22EB5}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8455E27-A773-4047-B8E3-0810AC7F86E1}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8660492-A18F-48EB-A425-FD9303D917E7}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D89C4407-64D6-4CE9-939C-6CB36BB5C63F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8E23417-E09D-40F5-8695-70218D2969A1}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D8F2433C-688F-4A2D-B024-6EB260B9CE48}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D967EEC1-1995-4E98-B6BC-DE50D31ADAD1}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D9727A2E-5BC5-48F4-836A-2AC63DE9A53A}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{D9A94EB6-815D-40FD-AD38-48E31FF74FFD}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA10B4AE-421C-4099-8294-8CE8EDBFF5A9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA338A2B-3500-4B90-88F3-B3583FED99A6}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA37B383-9360-4440-8D63-88FBBFC50EE2}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DA6EC4A6-0F90-4102-9A31-4976A80A2FD9}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DAFD6BCE-3A98-4D70-B429-EBA5FF08145F}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DB93D01F-932F-4BDB-89A6-BC8C9D2C1273}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC143ACD-0D37-451F-AFD9-37E11FFB36F6}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC27DD9A-4779-4D11-87C9-D9803891B03C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC65B7F6-3EFB-417C-884D-B9E0F8F09BCA}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC75168D-E4CA-4B12-9CAF-CCBCBF7747AF}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DC986D4F-131C-49B0-831F-4CF295EFF03B}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DCDB4CC1-F811-460B-9919-DB0B23790389}.exe -> Adware.FindSpy : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD3B9541-7681-4AD3-9DB7-DDC3E1DA80C7}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD683969-6299-4CD6-802D-541A6B306508}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DD688D3D-8A83-478D-9D84-3C7DD3784D61}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE550B2E-9DBE-4930-905F-F40B4F3BD2DD}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE675CB1-4E10-4EE5-AF38-46F2823A3595}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DE95D94D-470F-496B-A25A-3E5B8C2022F8}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DF4F7649-0671-47FB-AE78-2C1A20ADA92A}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DF629DB4-BE92-4B38-B195-056ED92F5494}.exe -> Trojan.Small.gq : Cleaned with backup
C:\WINDOWS\SYSTEM32\{DFA776B9-594C-42FF-BB22-F5E976D47A0F}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E007BA04-5E86-484F-864A-086A34BEA4BD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E009F5F8-9A1F-4502-B3B3-5FC7585A999C}.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E0592056-5ECF-4090-B980-DD2E3B1C396E}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E13F958E-B72C-45A4-A2C2-6F8CC5F44CCD}.exe -> Trojan.Puper.bx : Cleaned with backup
C:\WINDOWS\SYSTEM32\{E159C6CD-8128-4BC3-AA78-3DD5B9F74790}.exe -> Trojan.Puper.bx : Clean
#23
Posted 27 August 2006 - 01:29 PM
Logfile of HijackThis v1.99.1
Scan saved at 1:16:29 PM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Backup\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
Scan saved at 1:16:29 PM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Backup\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
#24
Posted 27 August 2006 - 09:10 PM
You will want to print out a copy of these instructions to follow while you complete this procedure, as you will not be able to access the internet later in the fix.
Double-click ATF-Cleaner.exe to run the program.Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
Open HiJack This and scan. When it finishes, put an X in the box next to these following item(s)
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
Close all open windows except for HiJack This and click fix checked.
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working.
-Ryan
Double-click ATF-Cleaner.exe to run the program.Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
Open HiJack This and scan. When it finishes, put an X in the box next to these following item(s)
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{85B9DE2B-71C3-45D2-9A57-3035368C8553}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{92800F17-238B-4085-B07B-6177E9391EE3}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
Close all open windows except for HiJack This and click fix checked.
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working.
-Ryan
#25
Posted 29 August 2006 - 06:21 PM
Heres the HiJackThis Scan....and its not running that much better..pretty much the same
Logfile of HijackThis v1.99.1
Scan saved at 6:44:15 PM, on 8/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\taskmgr.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Backup\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\mcafee.com\agent\mcupdate.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\mcafee.com\vso\mcvsmap.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 6:44:15 PM, on 8/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\taskmgr.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinTask\Bin\SchedSrv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Backup\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\mcafee.com\agent\mcupdate.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\mcafee.com\vso\mcvsmap.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WTBho Class - {348FE907-249E-4C65-A838-F34A193FE1D1} - C:\Program Files\WinTask\Bin\TaskBHO.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [WTIndicator] C:\Program Files\WinTask\Bin\SchedInd.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\cameron\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Steam] "c:\mpa2\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1156407549093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WTScheduler - Unknown owner - C:\Program Files\WinTask\Bin\SchedSrv.exe
Edited by Jessivea, 29 August 2006 - 06:47 PM.
#26
Posted 29 August 2006 - 07:12 PM
Please go HERE to run Panda's ActiveScan. You will need to use Internet Explorer to run it.
-Ryan
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on My Computer to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
-Ryan
#27
Posted 08 September 2006 - 10:03 PM
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users