Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

virus infected, computer reboots auto, cant open many programs even hi

Started by rich06 , Apr 05 2008 10:46 AM

  • This topic is locked This topic is locked

#16
kahdah
Posted 11 April 2008 - 08:31 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok try to reboot and see how it goes.
  • 0

Advertisements

#17
rich06
Posted 12 April 2008 - 05:04 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
didtn work will try once again selecting all instead of yes

Edited by rich06, 12 April 2008 - 05:06 PM.

  • 0

#18
kahdah
Posted 12 April 2008 - 05:09 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Just what I was going to say.
That means that yes you want to overwrite the software key with a different version, which is what we want to do.
  • 0

#19
rich06
Posted 12 April 2008 - 08:27 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
wow! im stoked cuz i just started up my computer again, w/o redoing those steps, and the same thing happend. But, i found this annoying "found new hardware wizard" which ALWAYS comes up, and i used that to open the desktop. sorry i felt accomplished. well now im off to try to run silent runners. since i tried hijack this b4 and it didnt work. ill be posting soon. Thanks
  • 0

#20
rich06
Posted 13 April 2008 - 03:52 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
"Silent Runners.vbs", revision 56, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVIEW" = "rundll32.exe nview.dll,nViewLoadHook" [MS]
"IB3tRScml" = "mdm_32.exe" [file not found]
"Ares Galaxy FasterDownload" = ""C:\Program Files\Ares Galaxy Supercharger\Supercharger.exe" -tray" [file not found]
"Weather" = "C:\Program Files\AWS\WeatherBug\Weather.exe 1" [file not found]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"" [file not found]
"ares" = ""C:\Program Files\Ares Lite Edition\Ares.exe" -h" [file not found]
"Microsoft Plus V7.1" = "C:\WINDOWS\igfxunit32.exe" [file not found]
"Microsoft Keyboard Enhance V2.0" = "C:\WINDOWS\iasrecst.exe" [file not found]
"Intel Audio Studio V2.0" = "C:\WINDOWS\fmideploy.exe" [file not found]
"Audio Studio V2.8" = "C:\WINDOWS\flsmontr.exe" [file not found]
"IntelliMouse Explorer V2.3" = "C:\WINDOWS\netpefr32.exe" [file not found]
"MyWebSearch Email Plugin" = "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [file not found]
"Legacy VGA Drivers V1.0" = "C:\WINDOWS\certproc32.exe" [file not found]
"Agfmr" = ""C:\Program Files\*icrosoft.NET\*ti2evxx.exe"" (unwritable string) [null data]
"Spoolsv" = "C:\WINDOWS\System32\spoolvs.exe" [file not found]
"Windows Defender" = "C:\DOCUME~1\Owner\LOCALS~1\Temp\wdc38.exe" [MS]
"Windows Defender Adds" = "C:\DOCUME~1\Owner\LOCALS~1\Temp\wda39.exe" [MS]
"Windows Defender Monitor" = "C:\WINDOWS\wdm3A.exe" [MS]
"Windows Defender Updater" = "C:\WINDOWS\wdu3B.exe" [MS]
"msiconf.exe" = "msiconf.exe" [file not found]
"mssdbsrv" = "C:\WINDOWS\system32\msupdtck.exe" [null data]
"WinUpdater" = ""C:\Program Files\winvi\update.exe" /background" [null data]
"WebSUpdater" = ""C:\Program Files\winvi\wupda.exe" /background" [null data]
"SVCHOST.EXE" = "C:\WINDOWS\System32\drivers\svchost.exe" [null data]
"MSI Configuration" = "msiconf.exe" [file not found]
"QdrPack14" = ""C:\Program Files\QdrPack\QdrPack14.exe"" [null data]
"Microsoft Windows Adapter 5.1.3214" = "C:\Documents and Settings\Owner\Application Data\lpxlu.exe" [null data]
"autoload" = "C:\Documents and Settings\Owner\cftmon.exe" [null data]
"ntuser" = "C:\WINDOWS\system32\drivers\spools.exe" [null data]
"BMbf8865d9" = "Rundll32.exe "C:\WINDOWS\System32\xkynjreg.dll",s" [MS]
"IESet" = "IExplorer.dll .dbt" [null data]
"QdrModule15" = ""C:\Program Files\QdrModule\QdrModule15.exe"" [null data]
"jdgf894jrghoiiskd" = "C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogan.exe" [null data]
"lhkxxngt" = "C:\WINDOWS\system32\dwngpmrs.exe" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++}
"rare" = "C:\Program Files\Video ActiveX Access\imsmain.exe" [file not found]
"user32.dll" = "C:\Program Files\Video ActiveX Access\iesmn.exe" [file not found]
"1ffrMhoSRg" = "C:\Documents and Settings\All Users\Application Data\xyxopira\navsbgve.exe" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"hpsysdrv" = "c:\windows\system\hpsysdrv.exe" [file not found]
"tgcmd" = ""C:\Program Files\support.com\bin\tgcmd.exe" /server" [file not found]
"Microsoft Updat3" = "mswkst32.exe" [file not found]
"Symantec NetDriver Monitor" = ""C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer" [file not found]
"ccApp" = ""c:\Program Files\Common Files\Symantec Shared\ccApp.exe"" [file not found]
"Ulead Quick-Drop" = ""C:\Documents and Settings\Owner\Desktop\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL" [file not found]
"USIUDF_Eject_Monitor" = ""C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe"" [file not found]
"HP Software Update" = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [file not found]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask .exe" -atboottime" ["Apple Computer, Inc."]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"WT GameChannel" = "C:\Program Files\WildTangent\Apps\GameChannel.exe" [file not found]
"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" [file not found]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" [file not found]
"StorageGuard" = ""C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r" [file not found]
"Share-to-Web Namespace Daemon" = ""c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"" [file not found]
"Reminder" = ""C:\Windows\Creator\Remind_XP.exe"" [file not found]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE" [file not found]
"nwiz" = ""nwiz.exe" /installquiet /keeploaded /nodetect" ["NVIDIA Corporation"]
"NvCplDaemon" = ""RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]
"NeroFilterCheck" = "C:\WINDOWS\System32\NeroCheck.exe" [file not found]
"MW1HelperStartUp" = "C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE /partner MW1" [file not found]
"ccRegVfy" = ""c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"" [file not found]
"CamMonitor" = ""c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe"" [file not found]
"AlcxMonitor" = "ALCXMNTR.EXE" ["Realtek Semiconductor Corp."]
"outlook" = "C:\Program Files\outlook\outlook.exe /auto" [file not found]
"KBD" = "C:\HP\KBD\KBD.EXE" [file not found]
"My Web Search Bar" = "rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S" [MS]
"MyWebSearch Email Plugin" = "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [file not found]
"lsass" = "C:\WINDOWS\lsass .exe" [file not found]
"bcbb5645" = "rundll32.exe "C:\WINDOWS\System32\krpoaari.dll",b" [MS]
"avp" = "C:\WINDOWS\avp .exe" [file not found]
"smgr" = "mgrs.exe" [file not found]
"Printer" = "C:\WINDOWS\System32\printer.exe" [null data]
"Mustafx" = "mustafx.exe" [null data]
"mustafx2" = "mustafx2.exe" [null data]
"KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k"
"olcpgjax" = "regsvr32 /u "C:\Documents and Settings\All Users\Application Data\olcpgjax.dll"" [MS]
"ctfmona" = "C:\WINDOWS\System32\ctfmona.exe" [null data]

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]
{8b15971b-5355-4c82-8c07-7e181ea07608}\(Default) = "Fax"
\StubPath = "rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser" [MS]
{94de52c8-2d59-4f1b-883e-79663d2d9a8c}\(Default) = "Fax Provider"
\StubPath = "rundll32.exe C:\WINDOWS\System32\Setup\FxsOcm.dll,XP_UninstallProvider" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{00A6FAF1-072E-44cf-8957-5838F569A31D}\(Default) = "MyWebSearch Search Assistant BHO"
-> {HKLM...CLSID} = "MyWebSearch Search Assistant BHO"
\InProcServer32\(Default) = "C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL" ["MyWebSearch.com"]
{07B18EA1-A523-4961-B6BB-170DE4475CCA}\(Default) = "mwsBar BHO"
-> {HKLM...CLSID} = "mwsBar BHO"
\InProcServer32\(Default) = "C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL" ["MyWebSearch.com"]
{09911CFB-81BD-46E3-9A11-832BB988B9CD}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\WindowsUpdate\hokemoq83122.dll" [file not found]
{1414A102-D7DB-0060-B960-051DBB421857}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\cfgadmsh.dll" [null data]
{175d4f44-896a-48ab-afab-f9c84c905c2c}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\felviyv.dll" [file not found]
{20ce4232-1338-40ee-8c32-fe991702bf0a}\(Default) = "{a0fb2071-99ef-23c8-ee04-83312324ec02}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\qrnesams.dll" [file not found]
{41C2A05E-B7CF-4644-A49F-BD83EB041B28}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\gebyw.dll" [file not found]
{44C0170E-4016-4FF6-855A-6E4739EFD177}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\WindowsUpdate\hokemoq4444.dll" [file not found]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}\(Default) = (no title provided)
-> {HKLM...CLSID} = "PCTools Site Guard"
\InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll" [null data]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{8F9E2BE3-766D-4831-BB0E-766D5B819995}\(Default) = (no title provided)
-> {HKLM...CLSID} = "BndBlock4 BHO Class"
\InProcServer32\(Default) = "C:\Program Files\QdrDrive\QdrDrive9.dll" [null data]
{938F8B60-678D-680D-8B28-30E67688589C}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\robaf.dll" [file not found]
{B56A7D7D-6927-48C8-A975-17DF180C71AC}\(Default) = (no title provided)
-> {HKLM...CLSID} = "PCTools Browser Monitor"
\InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll" ["GuideWorks Pty. Ltd."]
{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\yaywwvs.dll" [file not found]
{CDE8EAB9-CEF3-4885-B12F-26960A25C800}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Video ActiveX Access\iesplg.dll" [file not found]
{F10587E9-0E47-4CBE-84AE-7DD20B8684BB}\(Default) = "e404 helper"
-> {HKLM...CLSID} = "e404mgr Class"
\InProcServer32\(Default) = "C:\Program Files\Helper\ifastseek.dll" [file not found]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{A4DF5659-0801-4A60-9607-1C48695EFDA9}" = "Share-to-Web Upload Folder"
-> {HKLM...CLSID} = "Share-to-Web Upload Folder"
\InProcServer32\(Default) = "c:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL" ["Hewlett-Packard"]
"{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" = "SampleView"
-> {HKLM...CLSID} = "SampleView"
\InProcServer32\(Default) = "C:\WINDOWS\System32\ShellvRTF.dll" ["XSS"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{CCFE56EE-C7DE-44EE-A160-4553A5A912C9}" = "OmniPass Shell Extension"
-> {HKLM...CLSID} = "OmniPass Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Softex\OmniPass\opshelle.dll" ["Softex Incorporated"]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Office\OLKFSTUB.DLL" [MS]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{DBD8E168-244D-448C-9922-25508950D1DC}" = "Ulead UDF Driver"
-> {HKLM...CLSID} = "USIShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll" ["Ulead Systems, Inc."]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}" = "Webroot Spy Sweeper Context Menu Integration"
-> {HKLM...CLSID} = "Webroot Spy Sweeper Context Menu Integration"
\InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]
"{2F25CF20-C569-11D1-B94C-00608CB45480}" = "TextPad"
-> {HKLM...CLSID} = "TextPad"
\InProcServer32\(Default) = "C:\Program Files\TextPad 4\System\shellext.dll" ["Helios Software Solutions"]
"{acb4a560-3606-11d3-aef4-00104bd0f92d}" = "KodakShellExtension"
-> {HKLM...CLSID} = "KodakShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Kodak\ifscore\KodakShX.dll" ["Eastman Kodak Company"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\
<<!>> "{8aa7a4d2-73c7-4fca-bef7-7923e38a3b1c}" = "farrandly"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\tczij.dll" [file not found]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}" = "*W" (unwritable string)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\yaywwvs.dll" [file not found]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"encaTrpwR" = "{BCBB56EB-1611-FC41-390D-22C6A7F3AE47}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\osl.dll" [null data]

HKLM\SOFTWA RE\Microsoft\Windows NT\CurrentVersion\Winlogon\
<<!>> "Shell" = "Explorer.exe C:\WINDOWS\shell.exe" [MS]

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\
<<!>> "Authentication Packages" = "msv1_0"|"C:\WINDOWS\System32\gebyw"
  • 0

#21
kahdah
Posted 13 April 2008 - 04:11 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Wow you have a very infected machine.
You have backdoor infections that have the capability to steal passwords to bank or of any kind.
So I suggest never to use any banking or financial transactions on this computer.
Also I recommend that from a non infected computer change any bank transactions or financial passwords that may have been used on this computer.
I am going to try to clean this up in a few steps at a time.
So let's get started. :)
========================
Download ComboFix from one of the locations below please then try to run it from it's current location.(instead of saving it choose Run)

Link 1
Link 2
Link 3

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
  • 0

#22
rich06
Posted 13 April 2008 - 04:40 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
im trying to run combo fix but, along with hijack this which i downloaded a bit back from download.com, wont run. It downloads but when i double click, nothing, or right click run, or file run. combofix.exe
  • 0

#23
kahdah
Posted 13 April 2008 - 04:43 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
When you were asked to save it you were supposed to choose run instead of save.

Try to do it again please.
If that will not work then try to rename it Kahdah.exe when you are asked to download it.
  • 0

#24
rich06
Posted 13 April 2008 - 04:53 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
when i click the link firefox gives me only option save to disk... not an open with or anything. so cant rename it either..
  • 0

#25
kahdah
Posted 13 April 2008 - 04:57 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
When the download completes it usually will open up with the download complete box and will ask you o open or remove it.
Try it that way.
  • 0

Advertisements

#26
rich06
Posted 13 April 2008 - 05:20 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
ok i saved to disk. than in download complete box tried to open from there. "had to change firefox settings which were on auto delete. but didnt open. it said. "would u like to open this file. may cuz damage to computer. but anyway it didnt work. ill try to run hijack this the same way and will post tomoro. Thanks again.
  • 0

#27
kahdah
Posted 13 April 2008 - 05:24 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Try to do this instead.
Try to also run it from within Firefox as you have no desktop.
=========================================
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
  • 0

#28
rich06
Posted 15 April 2008 - 05:31 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Im beyond frustrated. my computer decides to reboot after being logged on for about a minute, EVERY time! BTW when i can get on for more than one minute my desktop does display, i might have confused you when saying it wont display. all is great until it reboots. THe computer ran in safe mode, if that helps at all, but cant get on to the internet in safe mode to download anything, and i dont think it lets you download in safe mode anyway. any advice, or should i throw it out the window?!
  • 0

#29
kahdah
Posted 15 April 2008 - 05:36 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok you will be able to get online in Safe Mode when you boot into safe mode choose Safe Mode with Networking.
I originally thought I read you saying it couldn't get into safe mode.

ANy way try to get into safe mode with networking and download combofix and then run it from there please.
Let me know if you have any issues.
  • 0

#30
rich06
Posted 15 April 2008 - 07:33 PM

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
WOW!!!!! 696 files infected! a record for you? were still not done! heres the logfile


Malwarebytes' Anti-Malware 1.11
Database version: 635

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 158161
Time elapsed: 1 hour(s), 25 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 80
Files Infected: 613

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Unloaded module successfully.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mustafx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mustafx2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iDlo01 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\VirusHeal 3.7 (Rogue.VirusHeal) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirusPro (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirusPro\Quarantine (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Helper (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\dbar\Cache (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\dsktp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\temp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\temp\_updates (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nGpxx01 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\ISM (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\QdrModule (Adware.ISM) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack (Adware.ISM) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Start Menu\Programs\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\NI.UGA6P_0001_N122M0611 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Anti Virus Pro spyware remover (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\BrowserObjects (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuAllUsers (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuCurrentUser (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\BrowserObjects (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuAllUsers (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuCurrentUser (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\BrowserObjects (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuAllUsers (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\StartMenuCurrentUser (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKCURun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnce (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Del Swoll\Application Data\Anti-Virus-Pro.com\AntiVirusPro\Autorun\HKLMRun\RunOnceEx (Rogue.AntiVirusPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\ultra (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Deskbar_{7FCB2BC4-D17B-48bc-9D0E-205CEB98CE90} (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Deskbar_{7FCB2BC4-D17B-48bc-9D0E-205CEB98CE90}\Cache (Adware.SoftMate) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\WINDOWS\system32\agloseol.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\loesolga.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdktyfpq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qpfytkdb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dvpaodeb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bedoapvd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bedoapvd.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mustafx.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mustafx2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\acpuw.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\gavurjjf.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\gjtxc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\lilsesn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\mtaxh.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\xbgme.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\hyturoxg.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\yhczuhcb.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\nynz.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Local Settings\Temp\csrssc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\ftpdll.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\S8RX3464\notepad[1].exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\ftpdll.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\p4ck.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\msvcrit.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\nvsvc1024.dll (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Desktop\New Folder\CursorManiaSetup2.2.60.11-2.ZCfox000.exe (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\!update.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\.tt3E1D.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\106.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\1207310969.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\3201486151.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\3793.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\A113-tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\csrssc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\DNR1A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\DNRC.tmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\hnooegrs.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\ismtpa11.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\ismtpa15.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\ismupd24.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\loader.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\mshtml3.exe (Adware.Purityscan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\rcv54E.tmp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\rsyncini.exe (Trojan.Shutdowner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\snapsnet.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\soft.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\wavvsnet.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\win32.exe (Worm.Zhelatin) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\winlogan.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\xtnsht.exe (Worm.Socks) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\yazzsnet.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\ICD2.tmp\PerformanceOptimizerPre_Installer.exe (Rogue.PerformanceOptimizer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc13.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc13.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc19.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc19.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc30.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc30.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsc30.tmp\ns43.tmp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsd2D5.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsd2D5.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsdE.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsdE.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nse25.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nseE0.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nseE0.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsf26.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsf26.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsf43.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsf43.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg26.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg26.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg34.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg34.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg39.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsg39.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsh42.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsj2A.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsj2A.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk14.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk14.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk1A.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk1E.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk1E.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk2B.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsk2B.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsl2A.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsl2A.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nslD.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nslF3.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nslF3.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsn14.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsn14.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsp18.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsp18.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsp2B.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsp2B.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsq2C.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsq2C.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss10.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss10.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss23C.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss23C.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss23C.tmp\ns240.tmp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss2C.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss2C.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss2C.tmp\ns40.tmp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss40.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nss40.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsu34.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsv32.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsv32.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsw27.tmp\Dialer.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsw27.tmp\InetLoad.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\nsw27.tmp\ns2F.tmp (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\LSBR9MUO\!update-4495[1].0000 (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WZ4OF0FS\!update-4495[1].0000 (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WZ4OF0FS\!update-4495[2].0000 (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WZ4OF0FS\ex_264[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0473956.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0473957.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0473958.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0473959.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474012.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474014.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474021.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474022.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474025.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474026.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474027.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474028.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474031.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474088.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474089.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474095.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474096.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474099.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474100.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474101.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474102.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474105.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474161.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474162.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474168.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474169.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474171.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474172.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474173.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474174.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474175.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474179.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0474180.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0475171.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0475172.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\found.001\dir0000.chk\A0475173.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\cezfawfa\hwcaffaz.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1281OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\dbar\deskbar.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\ISM\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\mwsoemon .exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\QdrDrive9.dll (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive\qdrloader.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\QdrModule\QdrModule13.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack\QdrPack13.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\QdrPack\QdrPack14.exe (Adware.SearchAid) -> Quarantined and deleted successfully.
C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\temp\_updates\removeWDCDS.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000097.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000098.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000099.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000100.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000101.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000224.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0000225.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001097.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001098.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001099.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001100.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001101.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001108.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001109.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001116.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001117.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001118.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001119.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001120.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001133.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001134.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001138.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001139.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001140.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001141.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001142.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001150.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001151.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001159.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001160.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001161.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001162.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP1\A0001163.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483422.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483423.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483424.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483425.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483431.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483432.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483433.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483434.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483439.vbs (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483449.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483453.exe (Adware.ISMonitor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483454.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483457.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483458.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483459.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483466.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483467.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483468.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0483469.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0484466.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0484467.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0484468.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP365\A0484469.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0484525.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0484526.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0484527.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0484531.dll (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0484591.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488594.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488595.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488596.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488597.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488770.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488771.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488772.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488776.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488777.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488778.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488779.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}(2)\RP366\A0488784.sys (Trojan.Obfuscated) -> Quarantined and deleted successfully.
C:\WINDOWS\murka.dat (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\WINDOWS\mustafx.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mustafx2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\zalpqbj.sys (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\PerformanceOptimizerPre_Installer.exe (Rogue.PerformanceOptimizer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M0611NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M2210NetInstaller.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adsnqhgnihor.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ahcjmpkfihcjel.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ahkfatgridgf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alonmp.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alt.exe.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atkbipsbmtobih.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\badgfqdsnmd.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\badgjelsn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\badoral.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bapgf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bedsbahkbetgb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cfatofqdknmhsj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cfmlobelojedcj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cfqhgfalkratsr.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cfqpsjqpcj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cjmdsrqpgfqdsn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cnatsbipgrepcb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cnehknmtob.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cnitcbmtgfqd.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\crihsfelcbedgf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cripsbmhofalgb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cryper.dll (Spyware.Delf) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcrqdsjap.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dgfalkbqponad.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dorapgbqt.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dsnmp.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dwngpmrs.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ehkralkrmt.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\etcjmpcrmpon.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\etgbapsnel.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fapobqt.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fehknqtsj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fepsn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fihgjepgn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fmlgbelsbil.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fmlkb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fmtsjadsnih.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ftpdll.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfatcfehkfit.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfelsbmlkbadsj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfipcfalsnehkb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gfipgnitgnidgb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjetcnipgfelgn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjidcnadsrip.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnadgb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnilkr.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnmtsfmtonqhgr.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hcjal.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hcrepsf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgfmlgjmponed.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkbepkfqlkbqp.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkbilsb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkrmdsr.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkrqp.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\horehgjqt.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\horml.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\icasServ.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ilkbqhob.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ipgfipcj.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\itgfidcrmpof.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jepkjqtonil.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jfiehayd.dll (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jilgn.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jmtkb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jqdobed.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kbihgnmdgbehcf.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjilsjmpgjat.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjqhofidcfeh.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\knihkbmdsjmd.bmp (

Edited by rich06, 15 April 2008 - 07:36 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP