This topic is locked
I'm a newbie so I hope I make sense. I seemed to have picked up something from aim or something. I have run all the recommeded programs and everything seems to
run just fine. But three or four days later, my system seems to slow down again. I scanned with advast and malwarebytes and found a couple of infected files with each program. Could not run panda because it tried to infect me every time I tried to download it. Pop ups and redirected web pages have stopped. installed spyhunter to help protect system. ad aware was disabled by infection. SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/27/2008 at 07:21 PM
Application Version : 4.0.1154
Core Rules Database Version : 3448
Trace Rules Database Version: 1439
Scan type : Complete Scan
Total Scan Time : 01:20:03
Memory items scanned : 633
Memory threats detected : 0
Registry items scanned : 6116
Registry threats detected : 0
File items scanned : 94274
File threats detected : 31
Adware.Tracking Cookie
C:\Documents and Settings\Rodney\Cookies\rodney@statcounter[2].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@fastclick[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@trafficmp[2].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][2].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@apmebf[1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][2].txt
C:\Documents and Settings\Rodney\Cookies\rodney@atwola[1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@tribalfusion[2].txt
C:\Documents and Settings\Rodney\Cookies\rodney@media6degrees[2].txt
C:\Documents and Settings\Rodney\Cookies\rodney@questionmarket[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@casalemedia[2].txt
C:\Documents and Settings\Rodney\Cookies\rodney@atdmt[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@realmedia[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@bluestreak[1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@doubleclick[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@mediaplex[1].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][2].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@specificclick[2].txt
C:\Documents and Settings\Rodney\Cookies\[email protected][2].txt
C:\Documents and Settings\Rodney\Cookies\rodney@precisionclick[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@247realmedia[1].txt
C:\Documents and Settings\Rodney\Cookies\rodney@advertising[1].txt
Adware.Vundo-Variant/Small-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP4\A0003383.DLL
Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\MCRH.TMP
hijack this logfile:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:51 PM, on 4/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mmtask.exe
C:\Program Files\Common Files\Microsoft Shared\Works
Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier
.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare
software\bin\EasyShare.exe
C:\Documents and Settings\Rodney\Local
Settings\Temp\temp.frF13F\MS_Update.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32
\Userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-
768834316C61} - C:\Program Files\HP\Smart Web
Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-
58F732D338C0} - C:\Program Files\HP\Smart Web
Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7
-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-
001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05
\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-
8509-7D2660C9EC98} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-
8333-CF10577473F7} - c:\program
files\google\googletoolbar4.dll
O2 - BHO: (no name) - {AE44CD5B-6C39-4495-8120-
68E3E8B291AD} - C:\WINDOWS\system32\awtRkIXn.dll (file
missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-
4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - c:\program
files\google\googletoolbar4.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-
9DAF-2561D68B2012} - C:\Program Files\Common
Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32
\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32
\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program
Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program
Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program
Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] C:\Program
Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection]
C:\Program Files\Common Files\Microsoft Shared\Works
Shared\WkUFind.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program
Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4
\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell
Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32
\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1
\SsAAD.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier
.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program
Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport-] "C:\Program
Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program
Files\Dell Support Center\bin\sprtcmd.exe" /P
DellSupportCenter
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.908.5008
\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.908.5008
\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Global Startup: America Online 9.0 Tray Icon.lnk =
C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk =
C:\Program Files\Kodak\Kodak EasyShare
software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MS_Update.lnk = C:\Documents and
Settings\Rodney\Local
Settings\Temp\temp.frF13F\MS_Update.exe
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-
1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace -
{04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program
Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5
-00401C608501} - C:\Program Files\Java\jre1.6.0_05
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-
A538-10282ABF65E7} - C:\Program Files\HP\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-
479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE
-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7
-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0
-818C-5D0987B47C4D} - C:\Program
Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E
-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: vzTCPConfig -
http://www.verizon.n...ludes/vzTCPConf
ig.CAB
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
(SysProWmi Class) -
http://support.dell....iler/SysPro.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
(QuickTime Object) -
http://a1540.g.akama...205/qtinstall.i
nfo.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3}
(StagingUI Object) -
http://zone.msn.com/...gingUI.cab55579.
cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
(PCPitstop Utility) -
http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -
http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}
(ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...abs/as2stubie.c
ab
O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess
Object) -
http://zone.msn.com/...kqrp.cab55579.c
ab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN
Games – Buddy Invite) -
http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5}
(SupportSoft External Control) -
http://connect.comca...ast Activation%
20Controls.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3}
(ZonePAChat Object) -
http://zone.msn.com/...hat.cab55579.ca
b
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}
(Windows Live Safety Center Base Module) -
http://cdn.scan.onec.../download/scann
er/wlscbase370.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.micros...te/v6/V5Control
s/en/x86/client/muweb_site.cab?1154924112015
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6}
(Groove Control) -
http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303}
(ZPA_TexasHoldem Object) -
http://zone.msn.com/...txhe.cab55579.c
ab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539}
(Crucial cpcScan) -
http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN
Games - Installer) -
http://cdn2.zone.msn.../ZIntro.cab5557
9.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D}
(Toontown Installer ActiveX Control) -
http://download.toon...4.48/ttinst.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
(ActiveDataInfo Class) -
http://www.symantec....sa/SymAData.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN
Games – Game Communicator) -
http://zone.msn.com/...oxy.cab55579.ca
b
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7}
(ActiveDataObj Class) - https://www-
secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell
PC Checkup Installer Control) -
http://pccheckup.del...ll/gtdownde.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941}
(Driver Agent ActiveX Control) -
http://driveragent.c...driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{16B077D7-2574-
4927-89C2-7D116C4E4710}: NameServer =
68.87.72.130,68.87.77.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B077D7-2574-
4927-89C2-7D116C4E4710}: NameServer =
68.87.72.130,68.87.77.130
O17 - HKLM\System\CS2\Services\Tcpip\..\{16B077D7-2574-
4927-89C2-7D116C4E4710}: NameServer =
68.87.72.130,68.87.77.130
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: yayxwtSi - yayxwtSi.dll (file
missing)
O23 - Service: AOL Connectivity Service (AOL ACS) -
America Online, Inc. - C:\PROGRA~1\COMMON~1
\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. -
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) -
ALWIL Software - C:\Program Files\Alwil Software\Avast4
\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DSBrokerService - Unknown owner -
C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation -
C:\Program Files\Common Files\Sony
Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation -
C:\Program Files\Common Files\Sony
Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP -
C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service
(dellsupportcenter) (sprtsvc_dellsupportcenter) -
SupportSoft, Inc. - C:\Program Files\Dell Support
Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony
Corporation - C:\Program Files\Common Files\Sony
Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony
Corporation - C:\Program Files\Common Files\Sony
Shared\AVLib\SSScsiSV.exe
O23 - Service: Viewpoint Manager Service - Viewpoint
Corporation - C:\Program
Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service
(WANMiniportService) - America Online, Inc. -
C:\WINDOWS\wanmpsvc.exe
--
End of file - 14157 bytes
hjt uninstall list:
3D Groove Playback Engine
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player Plugin
Adobe Reader 8.1.2
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.2
AIM 6
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20030807.3)
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Audacity 1.2.4
avast! Antivirus
AxCrypt (Remove Only)
Broadcom Management Programs
Buggin' Out (remove only)
CardRd81
CCScore
Christmas Time 3D Screensaver 1.0
Comcast High-Speed Internet Install Wizard
CR2
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
Dell Support Center
DellSupport
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Funcade
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0.A
HP Photosmart Essential
HP Smart Web Printing
HP Solution Center 7.0
HP Update
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics Driver
Internet Explorer Default Page
iPod for Windows 2006-03-23
ItsDeductible Express
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
kgcbase
Kids Next Door
Kodak EasyShare software
Learn2 Player (Uninstall Only)
Macromedia Flash Player
Madagascar ™ Demo
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Picture It! Photo Premium 9
Microsoft Streets and Trips 2004
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Word 2002
Microsoft Works
Microsoft Works 2004 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Mighty Math Calculating Crew (Remove only)
Modem Event Monitor
Modem Helper
Modem On Hold
MP3 Player Utilities 3.10
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MUSICMATCH® Jukebox
MySpeed PC
netbrdg
OCR Software by I.R.I.S 7.0
Offroad Arena
OfotoXMI
OpenMG Secure Module 4.6.01
OpenOffice.org 2.0
Panda ActiveScan 2.0
PokerStars.net
Pro Media Director Version 1.1.1.1
QuickTime
ScanToWeb
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
SFR
SFR2
SHASTA
Shockwave
skin0001
SKINXSDK
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SonicStage 4.2
Spelling Dictionaries Support For Adobe Reader 8
SpyHunter
staticcr
SUPERAntiSpyware Free Edition
tooltips
TurboTax Basic 2004
Tweak UI
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
V CAST Music Manager
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar
VisualRoute
VPRINTOL
WebCyberCoach 3.2 Dell
WebIQ Client Software
WexTech AnswerWorks
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinZip
WIRELESS
malwarebytes log file:
Malwarebytes' Anti-Malware 1.11
Database version: 690
Scan type: Full Scan (C:\|)
Objects scanned: 137428
Time elapsed: 1 hour(s), 0 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\services (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
first malwarebytes log file(04-21-2008):
Malwarebytes' Anti-Malware 1.11
Database version: 668
Scan type: Quick Scan
Objects scanned: 41389
Time elapsed: 12 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 39
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 85
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\SYSTEM32\jhxnpxyg.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\Resources\AlrtRam.dll (Trojan.Clicker) -> Unloaded module successfully.
Registry Keys Infected:
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1 (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a138be8b-f051-4802-9a3f-a750a6d862d4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e5330b7a-25c1-4e9a-9898-1192b57bb0eb} (Trojan.Clicker) -> Delete on reboot.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorertoolbar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\mwc (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Delete on reboot.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VideoPlugin (Trojan.Fakealert) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{a98d0065-7326-41b5-b8d9-c5b692cdb82f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\AlrtRam (Trojan.Clicker) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ZangoToolbar 4.8.3 (Adware.Zango) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\akl (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Application Data\PC-Cleaner (Rogue.PC-Cleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\SYSTEM32\jhxnpxyg.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\gyxpnxhj.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\cpbrkpie.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
C:\WINDOWS\Web\def.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\uninstall.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Application Data\PC-Cleaner\log.dat (Rogue.PC-Cleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Application Data\PC-Cleaner\settings.dat (Rogue.PC-Cleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii\Trojan-Downloader.Win32.Agent.bl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii\Trojan-Downloader.Win32.Agent.p.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii\Trojan-Downloader.Win32.Agent.r.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii\Trojan-Downloader.Win32.Agent.t.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopvirii\Trojan-Downloader.Win32.Agent.v.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32akttzn.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32anticipator.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32awtoolb.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32bdn.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32bsva-egihsg52.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32dpcproxy.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32emesx.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32h@tkeysh@@k.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32hoproxy.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32hxiwlgpm.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32hxiwlgpm.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32medup012.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32medup020.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32msgp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32msnbho.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32mssecu.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32msvchost.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32mtr2.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32mwin32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32netode.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32newsd32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32ps1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32psof1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32psoft1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32regc64.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32regm64.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32Rundl1.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32sncntr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32ssurf022.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32ssvchost.com (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32ssvchost.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32sysreq.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32taack.dat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32taack.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32temp#01.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32thun.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32thun32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32VBIEWER.OCX (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32vbsys2.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32vcatchpi.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32winlogonpc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\System32WINWGPX.EXE (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\Resources\AlrtRam.dll (Trojan.Clicker) -> Delete on reboot.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\apoxqwfv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopblackbird.jpg (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\DesktopEditorFKWP1.5.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\DesktopEditorFKWP2.0.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopfilemanagerclient.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopfkwp1.5.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopfkwp2.0.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\Desktopfwebd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\DesktopFWebdEditor.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodney\DesktopTrojan.Win32.BlackBird.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
I hope this post is helpful. Thanks in advance, Rodfree.
Sign In
Create Account
