
No Desktop @ all, and Can't right click or bring up Task Manager [


  • This topic is locked

#46
ksanmamaril

  • Topic Starter
  • Member
  • 37 posts
Here are the Logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:07:11 PM, on 11/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\fixthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {D023390D-0F52-4437-B2FF-58561E3368A5} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://titanium.full...cweb/awswax.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures06.ai...AIM.9.5.1.8.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.ritea...PhotoOnline.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://mainstreet.f...perSetupSP1.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Remote Procedure Call (RPC) Se (RPCSEO) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/
O24 - Desktop Component 1: MySpace - http://www.myspace.com/

--
End of file - 9674 bytes

==========================================

Here is the Drweb.csv:

A0088526.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088528.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088529.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088531.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088532.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088533.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088534.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088536.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Juan;Deleted.;
A0088540.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088541.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088542.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088544.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088545.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088549.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088553.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088554.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088555.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088558.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088560.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Juan;Deleted.;
A0088561.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088563.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod.214;Deleted.;
A0088564.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Juan;Deleted.;
A0088565.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088567.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088571.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088572.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088574.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088576.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088577.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088579.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088581.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088582.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088584.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088588.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088590.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088591.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088592.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088593.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088595.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088597.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088599.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088600.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088601.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088602.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088604.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088606.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088608.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088610.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088611.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088612.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088615.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088616.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088617.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088622.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088623.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088624.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088625.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088626.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088630.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088631.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088632.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088634.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088637.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088638.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088640.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088641.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088644.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088649.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088651.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088654.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088656.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088658.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088663.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088664.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088667.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088668.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088669.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Juan;Deleted.;
A0088670.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088671.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088672.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088676.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088678.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088679.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088680.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088681.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088686.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088687.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088689.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088691.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088692.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088699.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088700.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088701.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088702.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088703.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088704.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088705.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088706.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088707.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088709.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088710.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088712.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088718.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088722.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088725.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088728.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088729.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088730.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088734.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088737.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088738.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Juan;Deleted.;
A0088740.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088742.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088743.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088744.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088748.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088750.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088751.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088752.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088755.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088756.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088757.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088759.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088760.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088761.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088763.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088765.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088767.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088768.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088769.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088772.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088774.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088775.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088776.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088778.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088779.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088780.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088781.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088783.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088785.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088787.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088788.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088789.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088791.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088792.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088793.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088797.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088798.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Click.4739;Deleted.;
A0088800.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088804.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088806.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088813.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088814.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088815.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.TopSearch;;
A0088817.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088820.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088822.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088823.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088825.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088827.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Adware.Crew;;
A0088828.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;BackDoor.Iterator;Deleted.;
A0088829.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088830.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088835.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088838.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088842.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088843.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088846.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088847.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088848.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088850.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0088852.dll;C:\System Volume Information\_restore{8F7A50

#47
ksanmamaril

And here is the 2nd part of the Drweb.csv:


A0091081.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091083.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091084.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091085.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091086.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091087.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091090.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091091.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091093.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091096.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091097.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091099.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091101.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091102.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091106.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091107.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091110.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091111.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091113.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091115.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091118.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091120.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091122.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091125.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091126.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091130.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091131.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091133.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091136.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091137.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091139.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091141.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091144.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091145.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091147.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091150.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091151.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091154.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091155.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091158.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091162.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091163.dll;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091166.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091167.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091170.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091171.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091175.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091176.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091178.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091180.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091181.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091182.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091184.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091186.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091189.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091190.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091193.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;
A0091194.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091196.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.Virtumod;Deleted.;
A0091198.exe;C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP182;Trojan.EzulaAd;Deleted.;


What's next? :)

#48
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please go to Start > Run and type in Notepad.
Copy what is in the code box below into the open Notepad window.
Change the "Save As Type" to "All Files". Save it as fixservices.bat on your Desktop.
sc stop "xcqyangz"
sc delete "xcqyangz"
Now double-click on fixservices.bat and then try the following:
===================================
Let's see if we can fix the rest of your problems.
Firstly, visit: http://www.kellys-ko...s/nodesktop.reg

Save the file to your desktop as nodesktop.reg

Double click nodesktop.reg to run the file, and when asked to allow it to merge with your registry, click OK, then OK again when it is complete.

Now, reboot your computer and see if it has allowed you to get your icons and taskbar back.

If that fails, the next option is to download xp_taskbar_desktop_fixall.vbs to your desktop.

Double click xp_taskbar_desktop_fixall.vbs to run the script, then Yes at the notice. Your desktop will disappear for a moment, then hopefully, return with all your icons.

Click OK to exit the script.

Let me know if this makes a difference and returns your desktop and other things back to normal in Normal Mode.
Check anything else that was disabled as well.
==================================================
Post back with another Dss log and let me know how it goes.

#49
ksanmamaril

    Member

  • Topic Starter
  • 37 posts
OK, thanks Kahdah. Well, the desktop and taskbar are being shown, but I was prompted by this message upon rebooting:
RUNDLL: Error Loading C:\windows\system32\apvsffxs.dll Could not be found
and
When I tried checking the Start menu, a lot of the program icons didn't show up. I uploaded a picture to show you the problem:

Posted Image

and lastly, the CD-ROM drive and DVD-RW drives don't seem to be working or reading media.

================================================================


Well, here are the DSS logs. Thanks for helping me again!

Deckard's System Scanner v20071014.68
Run by Kent on 2007-11-17 00:50:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
42: 2007-11-17 08:50:18 UTC - RP186 - Deckard's System Scanner Restore Point
41: 2007-11-17 06:46:35 UTC - RP185 - System Checkpoint
40: 2007-11-16 06:22:27 UTC - RP184 - Software Distribution Service 3.0
39: 2007-11-16 06:14:12 UTC - RP183 - Restore Operation
38: 2007-10-13 01:05:24 UTC - RP182 - Restore Operation


-- First Restore Point --
1: 2007-09-05 10:28:40 UTC - RP145 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 80% (more than 75%).
Total Physical Memory: 504 MiB (512 MiB recommended).
System Drive C: has 2.58 GiB (less than 15%) free.


-- HijackThis (run as Kent.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:31 AM, on 11/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\IrfanView\i_view32.exe
C:\Documents and Settings\Kent\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2C61530D-E51E-47B2-ACF5-6456DA0A9D97} - (no file)
O2 - BHO: (no name) - {3E80EA04-3EBA-40E2-B1C1-58D119F6518a} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {54E6D360-DCF8-4E50-92C9-8792126D2864} - (no file)
O2 - BHO: (no name) - {6B8ADCEE-02B2-475A-803C-F3ADF8B773F8} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - (no file)
O2 - BHO: (no name) - {D023390D-0F52-4437-B2FF-58561E3368A5} - (no file)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\apvsffxs.dll",sitypnow
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://titanium.full...cweb/awswax.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures06.ai...AIM.9.5.1.8.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.ritea...PhotoOnline.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://mainstreet.f...perSetupSP1.cab
O20 - Winlogon Notify: awvvu - C:\WINDOWS\
O20 - Winlogon Notify: natimxl - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
O20 - Winlogon Notify: winabi32 - winabi32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ewptylnu.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Remote Procedure Call (RPC) MO (RPCSE) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/
O24 - Desktop Component 1: MySpace - http://www.myspace.com/

--
End of file - 11741 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20071029-204534-271 O2 - BHO: (no name) - {74F932E6-C714-4D49-83DA-C48F9FD61A76} - C:\WINDOWS\system32\fbiugbyy.dll (file missing)
backup-20071029-204534-282 O2 - BHO: (no name) - {54E6D360-DCF8-4E50-92C9-8792126D2864} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
backup-20071029-204534-361 O2 - BHO: (no name) - {A91DB785-7D93-42AE-AC4C-E6F0BD0CA45D} - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
backup-20071029-204534-365 O2 - BHO: (no name) - {3E80EA04-3EBA-40E2-B1C1-58D119F6518a} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
backup-20071029-204534-457 O2 - BHO: (no name) - {6B8ADCEE-02B2-475A-803C-F3ADF8B773F8} - C:\WINDOWS\system32\ksqsoelb.dll (file missing)
backup-20071029-204534-560 O2 - BHO: (no name) - {D0329530-48D1-4AD6-AAB6-E90338C13212} - C:\WINDOWS\system32\djqfhsn.dll

-- File Associations -----------------------------------------------------------

.js - unable to read key
.js - unable to read key


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Vax347b - c:\windows\system32\drivers\vax347b.sys
R0 Vax347s - c:\windows\system32\drivers\vax347s.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>

S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper ™ Disk Defragmenter>

S2 DomainService - c:\windows\system32\ewptylnu.exe /service (file missing)
S2 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
S2 RPCSE (Remote Procedure Call (RPC) MO) - c:\program files\intel\intel.com (file missing)
S3 gusvc (Google Updater Service) - "c:\program files\google\common\google updater\googleupdaterservice.exe" (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\program files\tuneup utilities 2006\winstylerthemesvc.exe" <Not Verified; TuneUp Software GmbH; TuneUp Utilities>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-16 22:27:00 362 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-11-16 17:18:04 388 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2007-09-24 16:43:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-17 and 2007-11-17 -----------------------------

2007-11-12 13:04:27 0 d-------- C:\Documents and Settings\Kent\DoctorWeb
2007-11-05 18:53:26 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-10-29 20:48:19 0 d-------- C:\BFU
2007-10-29 20:46:24 132428604 --a------ C:\registrybackup.reg
2007-10-21 21:46:25 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
2007-10-19 22:22:50 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-17 11:50:20 0 d-------- C:\Documents and Settings\Kent\Application Data\Grisoft
2007-10-17 11:49:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft


-- Find3M Report ---------------------------------------------------------------

2007-11-17 00:56:15 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-15 00:26:35 708 --a------ C:\Documents and Settings\Kent\Application Data\wklnhst.dat
2007-11-10 00:03:08 0 d-------- C:\Documents and Settings\Kent\Application Data\Adobe
2007-10-25 22:05:06 0 d-------- C:\Program Files\Viewpoint
2007-10-22 01:12:50 548352 -r-hs---- C:\WINDOWS\serivce.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-17 21:14:53 0 d-------- C:\Program Files\PopsMedia Site Adviser
2007-10-13 13:22:03 0 d-------- C:\Documents and Settings\Kent\Application Data\Juniper Networks
2007-10-12 22:46:39 0 d-------- C:\Program Files\Google
2007-10-12 22:41:45 0 d-------- C:\Program Files\Trend Micro
2007-10-01 11:50:50 0 d-------- C:\Program Files\Intel
2007-09-25 15:33:05 0 d-------- C:\Program Files\Dartfish
2007-09-25 15:24:52 0 d-------- C:\Program Files\CoffeeCup Software
2007-09-24 10:44:50 0 d-------- C:\Documents and Settings\Kent\Application Data\LimeWire


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2C61530D-E51E-47B2-ACF5-6456DA0A9D97}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E80EA04-3EBA-40E2-B1C1-58D119F6518a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54E6D360-DCF8-4E50-92C9-8792126D2864}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B8ADCEE-02B2-475A-803C-F3ADF8B773F8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CF46BFB3-2ACC-441b-B82B-36B9562C7FF1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D023390D-0F52-4437-B2FF-58561E3368A5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [09/21/2005 09:24 AM C:\WINDOWS\SOUNDMAN.EXE]
"PS2"="C:\WINDOWS\system32\ps2.exe" [10/25/2004 03:17 PM]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [10/14/2004 08:54 PM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 04:44 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [04/17/2004 11:41 AM]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 03:04 PM]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 05:53 PM]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 05:42 PM]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [03/23/2005 03:34 PM]
"AlcxMonitor"="ALCXMNTR.EXE" [09/07/2004 07:47 PM C:\WINDOWS\ALCXMNTR.EXE]
"AlcWzrd"="ALCWZRD.EXE" [09/21/2005 02:32 PM C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 05:43 PM C:\WINDOWS\ALCMTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 04:06 PM C:\WINDOWS\AGRSMMSG.exe]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [04/09/2007 04:23 AM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [01/13/2007 08:47 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [01/13/2007 08:47 AM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [01/13/2007 08:46 AM]
"SearchIndexer"="C:\WINDOWS\system32\apvsffxs.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:00 AM]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [01/30/2006 08:23 AM]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [09/25/2006 07:24 AM]
"@"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 08:24 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"wininet.dll"=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarsOnTaskbar"=0 (0x0)
"NoSetTaskbar"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"NoActiveDesktop"=0 (0x0)
"NoBandCustomize"=0 (0x0)
"NoMovingBands"=0 (0x0)
"NoCloseDragDropBands"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awvvu]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\natimxl]
C:\WINDOWS\AppPatch\natimxl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll 12/20/2001 09:34 PM 24576 C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winabi32]
winabi32.dll


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"AIM"=C:\Program Files\AIM\aim.exe -cnetwait.odl
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
"LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"THGuard"="C:\Program Files\TrojanHunter 4.5\THGuard.exe"
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"HostManager"=C:\Program Files\Common Files\AOL\1128563132\ee\AOLSoftware.exe
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"msci"=C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\2006621212256_mcinfo.exe /insfin
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
"DeadAIM"=rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
"DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
"kav"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
"Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
"Ulead Quick-Drop"="C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5 Plus\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL
"PrintDrive"=rundll32.exe "C:\WINDOWS\system32\svlesekg.dll",setvm
"GPLv3"=rundll32.exe "C:\WINDOWS\system32\acpbapku.dll",realset
"SecurityUpdate"=rundll32.exe C:\WINDOWS\system32\pjditur.dll,TurnOn2
"j6221430"=rundll32 C:\WINDOWS\system32\j6221430.dll sook
"SearchIndexer"=rundll32.exe "C:\WINDOWS\system32\icykanep.dll",sitypnow


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
AutoRun\command- P:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2007-11-17 00:57:42 ------------

#50
ksanmamaril

And lastly, here is the extra.txt:


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.06GHz
Percentage of Memory in Use: 69%
Physical Memory (total/avail): 503.3 MiB / 151.57 MiB
Pagefile Memory (total/avail): 1227.95 MiB / 891.03 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1904.77 MiB

C: is Fixed (NTFS) - 142.96 GiB total, 2.58 GiB free.
D: is Fixed (FAT32) - 6.07 GiB total, 0.71 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)
L: is CDROM (No Media)
M: is CDROM (No Media)
N: is CDROM (No Media)
O: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST3160023AS - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 6.08 GiB - D:
\PARTITION1 (bootable) - Installable File System - 142.96 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
FirewallDisableNotify is set.

FW: BitDefender Internet Security v10 v7.2 (Softwin) Disabled
AV: BitDefender Internet Security v10 v7.2 (Softwin) Disabled Outdated
AV: Kaspersky Anti-Virus 6.0 v6.0.0.303 (Kaspersky Lab) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe:*:Enabled:BackWeb for Pavilion"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\interMute\\SpySubtract\\SpySub.exe"="C:\\Program Files\\interMute\\SpySubtract\\SpySub.exe:*:Enabled:SpySubtract"
"C:\\Program Files\\interMute\\SpamSubtract\\SpamSub.exe"="C:\\Program Files\\interMute\\SpamSubtract\\SpamSub.exe:*:Enabled:SpamSubtract"
"C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares"
"C:\\Documents and Settings\\HP_Owner\\Shared\\PC Games - Unreal Tournament\\Unreal Tournament\\System\\UnrealTournament.exe"="C:\\Documents and Settings\\HP_Owner\\Shared\\PC Games - Unreal Tournament\\Unreal Tournament\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Disabled:Internet Explorer"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kuntpunisher\\day of defeat source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kuntpunisher\\day of defeat source\\hl2.exe:*:Enabled:hl2"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\mzd3rch1c0\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\mzd3rch1c0\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"D:\\StubInstaller.exe"="D:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Limewire Shared\\LimeWire\\LimeWire.exe"="C:\\Limewire Shared\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1128563132\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Games\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe"="C:\\Games\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe:*:Enabled:XTCS Counter-Strike 1.6 Final Release"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\\WINDOWS\\system32\\ewptylnu.exe"="C:\\WINDOWS\\system32\\ewp"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe:*:Enabled:umi"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Kent\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OSCARMAMARIL
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA6
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Kent
LOGONSERVER=\\OSCARMAMARIL
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Diskeeper Corporation\Diskeeper\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Kent\LOCALS~1\Temp
TMP=C:\DOCUME~1\Kent\LOCALS~1\Temp
USERDOMAIN=OSCARMAMARIL
USERNAME=Kent
USERPROFILE=C:\Documents and Settings\Kent
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

HP_Owner (admin)
Kent (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
3GP Video Converter 3 --> C:\Program Files\ImTOO\3GP Video Converter 3\Uninstall.exe
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe InDesign CS2 --> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Agere Systems PCI Soft Modem --> agrsmdel
AIM "You've Got Pictures" Picture Finder Plugin v9.5.1.8 --> C:\Program Files\Common Files\YGP\Plugins\AIM\9_5_1_8a\YGPInstallerAim.exe /u -d"AIM" -p"AIM" -len-US-AIM
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
AOL Coach Version 1.0(Build:20040229.1 en) --> C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\Setup.exe" -l0x9 -uninst
AVI to MPEG Converter --> C:\PROGRA~1\AVITOM~1\UNWISE.EXE C:\PROGRA~1\AVITOM~1\INSTALL.LOG
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bejeweled 2 Deluxe --> C:\WINDOWS\iun6002ev.exe "C:\Program Files\Bejeweled 2 Deluxe\irunin.ini"
CC_ccProxyMSI --> MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
CC_ccStart --> MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
Citrix Presentation Server Client --> MsiExec.exe /I{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}
CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Counter-Strike™ --> MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
DartViewer --> MsiExec.exe /X{BBF7D230-8F25-4041-90A9-73FD03BE8640}
dBpowerAMP AAC Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP AAC Codec.dat
dBpowerAMP FLAC Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
dBpowerAMP Monkeys Audio Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Monkeys Audio Codec.dat
dBpowerAMP Mp3 (MPEG Suite 2000 CLI) --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp3 (MPEG Suite 2000 CLI).dat
dBpowerAMP Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
dBpowerAMP Ogg Vorbis Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
dBpowerAMP Shorten Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Shorten Codec.dat
dBpowerAMP Skin Designer --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Skin Designer.dat
dBpowerAMP Wavpack Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Wavpack Codec.dat
dBpowerAMP WMA V9 Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.dat
dBpowerAMP WMA V9.1 Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
DeadAIM --> MsiExec.exe /I{25AF0BD1-DF07-4447-8E91-28E99617C556}
Diskeeper Professional Premier Edition --> MsiExec.exe /X{D6B79F07-62D1-46C9-A225-625ACC748144}
dMC Power Pack --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC Power Pack.dat
Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE
DVDx 2.0 --> "C:\Program Files\DVDx\unins000.exe"
eMule Plus 1.2 --> "C:\Program Files\eMule\unins000.exe"
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EZ Label Xpress 3.0 Full --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3902CCB7-9D8D-4BCA-B9B1-20AA26432FBA}
Free Mp3 Wma Converter V 1.4.0 --> "C:\Program Files\Free Audio Pack\unins000.exe"
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Half-Life® 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.2.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2.3 --> C:\Program Files\HP\Digital Imaging\{0D182A5E-AEE0-42ca-BD1D-4EEB2FFA256D}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Multimedia Keyboard Software --> C:\HP\KBD\Install.exe /remove
HP Organize --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL
HP Photosmart Cameras 4.0 --> C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 4.0 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HPIZ423 --> MsiExec.exe /X{561A9B4E-2E48-4149-B977-59C7AFF62B52}
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
ImTOO AVI MPEG Converter --> C:\Program Files\ImTOO\AVI MPEG Converter 3\Uninstall.exe
Intel® Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
IntelliMover Data Transfer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
InterVideo DiscLabel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL
InterVideo WinDVD Creator --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iPod for Windows 2006-03-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iTunes --> MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Juniper Networks Cache Cleaner 5.3.0 --> "C:\Documents and Settings\Kent\Application Data\Juniper Networks\Cache Cleaner 5.3.0\uninstall.exe"
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lexmark Z700-P700 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBLUN5C.EXE -dLexmark Z700-P700 Series
LimeWire PRO 4.12.3 --> "C:\Program Files\LimeWire\uninstall.exe"
Lippincott's Review for NCLEX-PN 6e --> C:\PROGRA~1\LIPPIN~1\LRSNCL~1\UNWISE32.EXE C:\PROGRA~1\LIPPIN~1\LRSNCL~1\INSTALL.LOG
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 2.5 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
LiveUpdate BVRP Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -l0x9
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Magic ISO Maker v5.3 (build 0229) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MC Web --> C:\WINDOWS\unvise32.exe C:\uninstal.log
Messenger Plus! 3 --> "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Microsoft ActiveSync 3.8 --> "C:\WINDOWS\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Expression Web --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll ESETUP.DLL
Microsoft Expression Web --> MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE}
Microsoft Expression Web MUI (English) --> MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE}
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Media Content --> MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Web Components --> MsiExec.exe /I{90260409-6000-11D3-8CFE-0050048383C9}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
middle_man --> "C:\PROGRA~1\AIM\UninstallMM.exe"
Mihov Image Resizer (remove only) --> "C:\Program Files\Mihov Image Resizer\Uninstall.exe"
mobile PhoneTools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}\setup.exe" -l0x9
Move Networks Player for Firefox --> "C:\Program Files\Mozilla Firefox\plugins\unins000.exe"
Move Networks Player for Internet Explorer --> "C:\Documents and Settings\Kent\Application Data\Move Networks\ie_bin\unins000.exe"
Mozilla Firefox (2.0.0.6) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (2.0.0.7) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSN Toolbar --> C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\mtbs.exe c
MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multiple Image Resizer .NET --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A46CD8B-9BBB-4F2D-810C-5C3DAA0E2B20}
muvee autoProducer 3.5 magicMoments - HPD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B103C8A7-D1CC-4B1A-BD41-883F652E097D}\setup.exe" -l0x9
Native Instruments Traktor DJ Studio 3 --> C:\PROGRA~1\NATIVE~1\TRAKTO~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\TRAKTO~1\INSTALL.LOG
Nero 7 Demo --> MsiExec.exe /I{38E0C491-5230-4373-B62E-F1A6E94B1033}
Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security --> MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
Norton Internet Security --> MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Norton Personal Firewall --> MsiExec.exe /I{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}
Norton Personal Firewall (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}.exe /X
Norton Security Center --> MsiExec.exe /X{503AA035-41E2-4858-B31F-1E49AC66C309}
ObjectDock --> C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
Opera 9.10 --> MsiExec.exe /X{750B9AD1-4C63-4143-94C5-6FB304199BAD}
Photosmart 320,370,7400,8100,8400 Series --> C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Pinnacle Instant DVD Recorder --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x9 UNINSTALL
PowerCDR Express --> MsiExec.exe /I{9B2B0EAD-2CC7-4589-B3AA-D23BAB724065}
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Realtek High Definition Audio Driver --> RtlUpd.exe -r
Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sony Ericsson PC Suite 1.20.173 --> MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}
Sony Ericsson Themes Creator 3.02 --> C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam™ --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Studio 11 --> C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
StyleXP (remove only) --> "C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
Super Granny from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\Uninstall.exe"
TablePCRT --> MsiExec.exe /X{C46A5F24-B91F-477C-B634-DB99A7D7792A}
Tradewinds from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\F5215F01-DFC0-475D-A910-6F1AF94E807E\Uninstall.exe"
TrojanHunter 4.5 --> "C:\Program Files\TrojanHunter 4.5\unins000.exe"
TuneUp Utilities 2006 --> MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
Ulead DVD MovieFactory 5 Plus --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF164702-AF8B-4F2F-8038-74A4C536866B}\setup.exe" -l0x9
Updates from HP --> C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 309731
Veoh Player --> C:\Program Files\InstallShield Installation Information\{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}\setup.exe -runfromtemp -l0x0409
ViaDuct 2000 --> C:\WINDOWS\IsUninst.exe -fC:\VIADCT32\Uninst.isu
Video GIF AVI ThumbCell Creater Free Version v1.2 --> "C:\Program Files\Video GIF AVI ThumbCell Creater\unins000.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual DJ - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WindowBlinds --> C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\INSTALL.LOG
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->
XviD 1.1 final uninstall --> "C:\Program Files\XviD\unins000.exe"
Yahoo! Desktop Login --> MsiExec.exe /I{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type5391 / Error
Event Submitted/Written: 11/16/2007 03:50:50 AM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office XP Web Components - Update '{27E6D16E-6ADE-40A2-AB0A-D0BD1F11C806}' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Event Record #/Type5390 / Error
Event Submitted/Written: 11/16/2007 03:50:48 AM
Event ID/Source: 11706 / MsiInstaller
Event Description:
Product: Microsoft Office XP Web Components -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Event Record #/Type5388 / Error
Event Submitted/Written: 11/15/2007 10:22:01 PM
Event ID/Source: 3001 / LoadPerf
Event Description:
The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 5252, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Event Record #/Type5387 / Warning
Event Submitted/Written: 11/15/2007 10:22:01 PM
Event ID/Source: 2006 / LoadPerf
Event Description:
LastCounter and LastHelp values of performance registry is corrupted and
needs to be updated. The first and second DWORDs in Data Section are the
original values while the third and forth DWORDs in Data Section are the
updated new values.

Event Record #/Type5386 / Error
Event Submitted/Written: 11/15/2007 10:21:57 PM
Event ID/Source: 3011 / LoadPerf
Event Description:
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type94556 / Error
Event Submitted/Written: 11/17/2007 00:45:32 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service upnphost with arguments ""
in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Event Record #/Type94554 / Error
Event Submitted/Written: 11/17/2007 00:45:29 AM
Event ID/Source: 30013 / ipnathlp
Event Description:
The DHCP allocator has disabled itself on IP address 192.168.1.104,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Event Record #/Type94553 / Error
Event Submitted/Written: 11/17/2007 00:45:29 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service upnphost with arguments ""
in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Event Record #/Type94543 / Error
Event Submitted/Written: 11/17/2007 00:45:24 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
ASPI32

Event Record #/Type94542 / Warning
Event Submitted/Written: 11/17/2007 00:44:26 AM / 11/17/2007 00:44:56 AM
Event ID/Source: 51 / Cdrom
Event Description:
An error was detected on device \Device\CdRom4 during a paging operation.



-- End of Deckard's System Scanner: finished at 2007-11-17 00:57:42 ------------




=============================================================================

Thanks again, hopefully you can help me with the other problems :/
  • 0

#51
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
The error on startup is fine.
It is a dead malware registry entry set to boot with Windows.

Please now uninstall whatever antivirus you do not use.
(i.e. Norton, BitDefender)

Let's finish cleanup and then we will try to go at the other problems. :)
================================================
Please open up Notepad and copy all of the items in the code box below.
Change the "Save As Type" to "All Files". Save it as Cleanup.reg on your Desktop.
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C61530D-E51E-47B2-ACF5-6456DA0A9D97}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E80EA04-3EBA-40E2-B1C1-58D119F6518a}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54E6D360-DCF8-4E50-92C9-8792126D2864}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B8ADCEE-02B2-475A-803C-F3ADF8B773F8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF46BFB3-2ACC-441b-B82B-36B9562C7FF1}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D023390D-0F52-4437-B2FF-58561E3368A5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchIndexer"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awvvu] 

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\natimxl]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winabi32]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"msci"=-
"PrintDrive"=-
"GPLv3"=-
"SecurityUpdate"=-
"j6221430"=-
"SearchIndexer"=-

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DomainService]
Now double-click Cleanup.reg.
A window will come up asking if you want to let it merge with the registry.
Click yes.
Reboot for the changes to take place.
=========================================================
After that reg fix, please go to Start > Run and type in cmd.
Then at the command prompt type in this -> chkdsk /r /f
Type in Y at the run on reboot prompt.
Let chkdsk run; it may take a long time.

Let me know how things are running after that and post back with a new HijackThis log.
  • 0

#52
ksanmamaril

    Member

  • Topic Starter
  • 37 posts
Here is the new HijackThis log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:31 PM, on 11/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\fixthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2C61530D-E51E-47B2-ACF5-6456DA0A9D97} - (no file)
O2 - BHO: (no name) - {3E80EA04-3EBA-40E2-B1C1-58D119F6518a} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {54E6D360-DCF8-4E50-92C9-8792126D2864} - (no file)
O2 - BHO: (no name) - {6B8ADCEE-02B2-475A-803C-F3ADF8B773F8} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - (no file)
O2 - BHO: (no name) - {D023390D-0F52-4437-B2FF-58561E3368A5} - (no file)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\apvsffxs.dll",sitypnow
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://titanium.full...cweb/awswax.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures06.ai...AIM.9.5.1.8.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.ritea...PhotoOnline.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://mainstreet.f...perSetupSP1.cab
O20 - Winlogon Notify: awvvu - C:\WINDOWS\
O20 - Winlogon Notify: natimxl - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
O20 - Winlogon Notify: winabi32 - winabi32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ewptylnu.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Remote Procedure Call (RPC) MO (RPCSE) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/
O24 - Desktop Component 1: MySpace - http://www.myspace.com/

--
End of file - 11463 bytes
  • 0

#53
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please go to Start>Run type in Notepad.
Copy what is in the code box below into the open Notepad window.
Change the "Save As Type" to "All Files". Save it as del.bat on your Desktop.
sc stop "DomainService"

sc delete "DomainService"
Then please double-click on del.bat. A window will open and close quickly. This is normal.
=============================================
Please reopen HijackThis and click on Do a system scan only.

Place a check next to these entries:

O2 - BHO: (no name) - {2C61530D-E51E-47B2-ACF5-6456DA0A9D97} - (no file)
O2 - BHO: (no name) - {3E80EA04-3EBA-40E2-B1C1-58D119F6518a} - (no file)
O2 - BHO: (no name) - {54E6D360-DCF8-4E50-92C9-8792126D2864} - (no file)
O2 - BHO: (no name) - {6B8ADCEE-02B2-475A-803C-F3ADF8B773F8} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - (no file)
O2 - BHO: (no name) - {D023390D-0F52-4437-B2FF-58561E3368A5} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\apvsffxs.dll",sitypnow
O20 - Winlogon Notify: awvvu - C:\WINDOWS\
O20 - Winlogon Notify: natimxl - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
O20 - Winlogon Notify: winabi32 - winabi32.dll (file missing)
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ewptylnu.exe (file missing)


Now click on Fix checked and then close HijackThis.

===================================
Reboot, post a new HijackThis log, and let me know how it is running.
  • 0
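An added example, not part of kahdah's post or of HijackThis itself: a small triage pass over HijackThis log lines that surfaces entries marked "(no file)", "(file missing)" or "Unknown owner", the markers carried by most of the entries checked in the post above. The sample lines are copied from the logs in this thread; the function names and the O23 layout "Display name (service name) - owner - path" are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the HijackThis logs in this thread.
SAMPLE = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {2C61530D-E51E-47B2-ACF5-6456DA0A9D97} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O20 - Winlogon Notify: natimxl - C:\WINDOWS\AppPatch\natimxl.dll (file missing)
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ewptylnu.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
"""

# Entry lines start with a section code such as R1, O2, O20 or O23.
LINE_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Markers HijackThis prints when the referenced file or vendor cannot be resolved.
MARKERS = ("(no file)", "(file missing)", "Unknown owner")


def service_name(line):
    """For an O23 line, return the name to pass to `sc`; None for other lines.

    Assumption: when the display name differs from the service name, the
    service name is the trailing parenthesised token of the first field.
    """
    m = re.match(r"^O23 - Service: (.+)$", line)
    if not m:
        return None
    display = m[1].rsplit(" - ", 2)[0]  # fields: name - owner - path
    short = re.search(r"\(([^()]+)\)$", display)
    return short[1] if short else display


def triage(log_text):
    """Return one dict per entry that carries at least one orphan marker."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # header, process list or blank line
        hits = [mk for mk in MARKERS if mk in m["body"]]
        if hits:
            findings.append({"section": m["section"], "markers": hits,
                             "service": service_name(line), "line": line})
    return findings
```

The `gusvc` line comes from the later log in this thread that the helper describes as clean, so a marker is a prompt to review an entry, not a verdict on it.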

#54
ksanmamaril

ksanmamaril

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:44:31 AM, on 11/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\fixthis.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://titanium.full...cweb/awswax.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures06.ai...AIM.9.5.1.8.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.ritea...PhotoOnline.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://mainstreet.f...perSetupSP1.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Remote Procedure Call (RPC) MO (RPCSE) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/
O24 - Desktop Component 1: MySpace - http://www.myspace.com/

--
End of file - 10565 bytes


===========================================================================


Hey Kahdah here is the latest hijackthis.log,

everything seems like it's going back to normal except for the Icons and Drives problems.

Is there anything else I should do? Does everything seem fine? Let me know, thanks :)
  • 0

#55
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Let's try some more things before we call it quits.

First let's get rid of all of the tools programs that I had you use.
Anything on the C:\ drive that relates to the tools we used.
Empty your recycle bin.
=====================================
After that please update your Java:
Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems.

Upgrading Java:
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
==========================================
Then I will need you to reset your System Restore points, please note that you will need to log into your computer with an account which has full administrator access.
You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(Windows XP)
1. Turn off System Restore.
Click on *Start
Right-click *My Computer
Click *Properties
Click the *System Restore tab
Check *Turn off System Restore
Click *Apply, and then click *OK.
2. Reboot.

3. Turn ON System Restore.
Click on *Start
Right-click *My Computer
Click *Properties
*UN-Check *Turn off System Restore*
Check *Turn on System Restore
Click *Apply, and then click *OK.

How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405
=======================================
After that your log is clean. :)

Try this for the CD drives:
Go to Start, right click on My Computer and click on Manage, then Device Manager.
Locate your drives that do not work (only the CD/DVD drive section).
Right click on the cd and the dvd drives (one at a time) and choose Uninstall.
Click yes at the prompt and then reboot. (May have to reboot once for each device.)
Reboot again if needed and each time you reboot it will find these cd and dvd drives and install them.
Let it install them and see if that helps them to work.
Let me know.


Also, do your programs still work even if the icons don't?
Are all of your icons broken or just the ones in the Start menu?
Can you see the cd and dvd drive icon under My Computer?

  • 0

#56
ksanmamaril

ksanmamaril

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
OK, I did all that you did,

so far everything is up to par.

Um yeah, the programs still work even though the icons don't.
And as for the icons, it only shows as broken on the Start menu.
For the drives, the CD-ROM drives started to work again,
but as for the DVD-RW, it still doesn't work. I tried uninstalling many times but it still doesn't work.
And now when I go into My Computer, the E: drive registers as a CD-ROM drive, not a CD/DVD-RW drive any more.
What do you think I should do?

thanks kahdah
  • 0

#57
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You are welcome. :)
As I believe now that this is a windows issue I will hand you over to the XP forum where they will be able to assist you further.
Please post a topic about your remaining problems there.
XP Forum good luck. :)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein ->Here

If you have any further problems please feel free to contact G2Go. :)
  • 0

#58
ksanmamaril

ksanmamaril

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Thanks kahdah for the help, I think I will go to the XP forums for my further problems, thanks again :)
  • 0

#59
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You are welcome. :)



Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0