Hi jack this Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:22:51 PM, on 5/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {DAAA1D78-B172-4340-BB43-348DF64C9CFC} - C:\WINDOWS\system32\dx3.dll
O2 - BHO: {24cc33c6-610b-f209-d7e4-f8188f3a65cd} - {dc56a3f8-818f-4e7d-902f-b0166c33cc42} - C:\WINDOWS\system32\uistohhl.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CfgWiz.exe" /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - ?p=ZUxdm059YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab40641.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/...dy.cab32846.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.a...83/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab32846.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/...no.cab41096.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.a...,20/mcgdmgr.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.to...31.5/ttinst.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab41227.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: byvtu - C:\WINDOWS\System32\byvtu.dll (file missing)
O20 - Winlogon Notify: ssqonmk - ssqonmk.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 11970 bytes
Uninstall List:
Ad-Aware 2007
Adobe Acrobat 5.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Shockwave Player
AppCore
Apple Mobile Device Support
Apple Software Update
AV
BCM V.92 56K Modem
BroadJump Client Foundation
CA Yahoo! Anti-Spy (remove only)
ccCommon
ccCommon
Connection Keep Alive
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
Dell Support
Dell Wireless WLAN Utility
Disney's Lilo & Stitch Pinball
Disney's Toontown Online
DVDSentry
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Intel® Extreme Graphics 2 Driver
Internet Explorer Default Page
Internet Worm Protection
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2_03
Java 6 Update 2
Java 6 Update 5
JumpStart Advanced Language Club
JumpStart Advanced Preschool
JumpStart Art for Fun
Learn2 Player (Uninstall Only)
Lexmark Supplies Monitor
Lexmark Z25-Z35
LiveUpdate 3.1 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Broadband Networking
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Small Business Edition 2003
Modem Helper
Monopoly - SpongeBob SquarePants Edition
Mozilla Firefox (2.0.0.14)
MSN Music Assistant
MSRedist
MUSICMATCH® Jukebox
Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Cleanup
Norton GoBack 4.1
Norton Protection Center
Norton Protection Center
Norton SystemWorks
Norton SystemWorks 2006
Norton SystemWorks 2006 (Symantec Corporation)
Norton Utilities
NSW_DRM_COLLECTION
Panda ActiveScan 2.0
Pop-Up Stopper Free Edition
PowerDVD
QuickSet
QuickTime
Reading 4 Kids
RealPlayer Basic
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SPBBC 32bit
Spybot - Search & Destroy 1.4
SpywareBlaster 4.0
SUPERAntiSpyware Free Edition
Symantec
Symantec Real Time Storage Protection Component
SymNet
Synaptics Pointing Device Driver
Talking Math 4 Kids
Uniblue RegistryBooster 2
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Viewpoint Media Player
WeatherBug
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
Yahoo! Toolbar
Yahoo! Toolbar
Anti Spyware Scan Log:
SUPERAntiSpyware Scan Log
Generated 05/19/2008 at 05:16 PM
Application Version : 3.6.1000
Core Rules Database Version : 3463
Trace Rules Database Version: 1454
Scan type : Complete Scan
Total Scan Time : 01:49:01
Memory items scanned : 489
Memory threats detected : 2
Registry items scanned : 6763
Registry threats detected : 20
File items scanned : 44854
File threats detected : 239
Trojan.Downloader-CREW
C:\WINDOWS\SYSTEM32\WURUNXML.DLL
C:\WINDOWS\SYSTEM32\WURUNXML.DLL
HKLM\Software\Classes\CLSID\{5EAB6ADE-32B5-45EB-83DB-CAADF832F06c}
HKCR\CLSID\{5EAB6ADE-32B5-45EB-83DB-CAADF832F06C}
HKCR\CLSID\{5EAB6ADE-32B5-45EB-83DB-CAADF832F06C}\InprocServer32
HKCR\CLSID\{5EAB6ADE-32B5-45EB-83DB-CAADF832F06C}\InprocServer32#ThreadingModel
HKLM\Software\Classes\CLSID\{7C2AFD67-AEF8-45AC-B5C1-D5D278806E6e}
HKCR\CLSID\{7C2AFD67-AEF8-45AC-B5C1-D5D278806E6E}
HKCR\CLSID\{7C2AFD67-AEF8-45AC-B5C1-D5D278806E6E}\InprocServer32
HKCR\CLSID\{7C2AFD67-AEF8-45AC-B5C1-D5D278806E6E}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5EAB6ADE-32B5-45EB-83DB-CAADF832F06c}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C2AFD67-AEF8-45AC-B5C1-D5D278806E6e}
C:\WINDOWS\SYSTEM32\KPOEGHHL.DLL
C:\WINDOWS\SYSTEM32\MOHNYKYW.DLL
C:\WINDOWS\SYSTEM32\NXRWRVGP.DLL
C:\WINDOWS\SYSTEM32\SEAPADAE.DLL
C:\WINDOWS\SYSTEM32\TWSPEXPB.DLL
C:\WINDOWS\SYSTEM32\UCBHEXQL.DLL
Worm.Rbot Variant
C:\WINDOWS\SYSTEM32\P2PNETWORKING.EXE
C:\WINDOWS\SYSTEM32\P2PNETWORKING.EXE
[p2p networking] C:\WINDOWS\SYSTEM32\P2PNETWORKING.EXE
C:\PROGRAM FILES\UY.EXE
C:\RECYCLER\NPROTECT\02068557.EXE
C:\RECYCLER\NPROTECT\02073089.EXE
C:\RECYCLER\NPROTECT\02073092.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP563\A1728439.EXE
Trojan.NetMon/DNSChange
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc
RootKit.TnCore/Trace
C:\WINDOWS\system32\drivers\core.cache.dsk
Trojan.Unknown Origin
C:\DOCUMENTS AND SETTINGS\ANGELO GAMBA\MY DOCUMENTS\LIMEWIRE\SAVED\THE KING OF KONG (2007)\VIDEO.EXE
C:\PROGRAM FILES\TRACK_03.EXE
C:\PROGRAM FILES\VIDEO.EXE
C:\RECYCLER\NPROTECT\02069132.EXE
C:\RECYCLER\NPROTECT\02069133.EXE
C:\RECYCLER\NPROTECT\02071917.EXE
C:\RECYCLER\NPROTECT\02071918.EXE
C:\RECYCLER\NPROTECT\02072507.EXE
C:\RECYCLER\NPROTECT\02072508.EXE
C:\RECYCLER\NPROTECT\02073091.EXE
C:\RECYCLER\NPROTECT\02073113.DLL
C:\RECYCLER\NPROTECT\02073114.VBS
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714461.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714462.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714463.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714464.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714465.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714466.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714467.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714468.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714469.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP554\A1714470.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP555\A1715478.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP555\A1715479.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP556\A1716478.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP556\A1716479.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1717549.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1717550.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1718480.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1718481.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1718498.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1718499.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1719498.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP557\A1719499.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1719580.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1719581.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1720567.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1720568.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1721565.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP558\A1721566.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1722032.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1722033.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723032.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723033.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723058.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723059.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723184.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP559\A1723185.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1724181.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1724182.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1724270.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1724271.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1725270.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1725271.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1725591.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1725592.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1726270.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1726271.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1727272.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP561\A1727273.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP563\A1728421.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP563\A1728422.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP564\A1729270.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP564\A1729271.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP564\A1730270.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP564\A1730271.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP564\A1730272.EXE
C:\WINDOWS\SYSTEM32\BETVMXVT.EXE
C:\WINDOWS\SYSTEM32\GRWEYDKQ.EXE
C:\WINDOWS\SYSTEM32\LWCCVECG.EXE
C:\WINDOWS\SYSTEM32\NPALCYAL.EXE
C:\WINDOWS\SYSTEM32\NRJXCUVV.EXE
C:\WINDOWS\SYSTEM32\VSJLENPC.EXE
C:\WINDOWS\SYSTEM32\YYQSVFYP.EXE
Browser Hijacker.AwesomeHomepage
C:\PROGRAM FILES\WINUPDATER\UPDATE.EXE
Adware.DeeWoo/ThinkAdz
C:\RECYCLER\NPROTECT\02073094.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP563\A1728441.EXE
Adware.Vundo Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP507\A1702617.DLL
Trojan.WinSoftware/WinFixer
C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\UWFX5RS_0001_0808NETINSTALLER.EXE
C:\WINDOWS\DOWNLOADED PROGRAM FILES\UWA5PNETINSTALLER.EXE
Trojan.Downloader-Gen/DDC
C:\WINDOWS\SYSTEM32\AAYBPCUV.EXE
C:\WINDOWS\SYSTEM32\BAYXOYXO.EXE
C:\WINDOWS\SYSTEM32\BDCPFRDG.EXE
C:\WINDOWS\SYSTEM32\BEGLPPVB.EXE
C:\WINDOWS\SYSTEM32\BLRBURBO.EXE
C:\WINDOWS\SYSTEM32\CANRBFGV.EXE
C:\WINDOWS\SYSTEM32\CDBTXLDV.EXE
C:\WINDOWS\SYSTEM32\CHEPSOAU.EXE
C:\WINDOWS\SYSTEM32\CKUBIRQE.EXE
C:\WINDOWS\SYSTEM32\CMOHTQOO.EXE
C:\WINDOWS\SYSTEM32\CRGDWUFC.EXE
C:\WINDOWS\SYSTEM32\CRLKUORC.EXE
C:\WINDOWS\SYSTEM32\CVFGLDFR.EXE
C:\WINDOWS\SYSTEM32\CXULRCWT.EXE
C:\WINDOWS\SYSTEM32\DEKOBNWV.EXE
C:\WINDOWS\SYSTEM32\DMUREOKG.EXE
C:\WINDOWS\SYSTEM32\DOGFGWSA.EXE
C:\WINDOWS\SYSTEM32\DPTGBFVF.EXE
C:\WINDOWS\SYSTEM32\EFVDCRUG.EXE
C:\WINDOWS\SYSTEM32\EINYPCYS.EXE
C:\WINDOWS\SYSTEM32\EKHIDHGL.EXE
C:\WINDOWS\SYSTEM32\EQUJOOFQ.EXE
C:\WINDOWS\SYSTEM32\EUDCOVRA.EXE
C:\WINDOWS\SYSTEM32\EYKBDXPN.EXE
C:\WINDOWS\SYSTEM32\EYOGSMOO.EXE
C:\WINDOWS\SYSTEM32\FBJRQKUC.EXE
C:\WINDOWS\SYSTEM32\FBXRMWEP.EXE
C:\WINDOWS\SYSTEM32\FFJNKGTF.EXE
C:\WINDOWS\SYSTEM32\FJQJNVFB.EXE
C:\WINDOWS\SYSTEM32\FMFVSBFQ.EXE
C:\WINDOWS\SYSTEM32\FSNVDCPY.EXE
C:\WINDOWS\SYSTEM32\FTLXHNWD.EXE
C:\WINDOWS\SYSTEM32\GDOEWFTR.EXE
C:\WINDOWS\SYSTEM32\GFMYNEKD.EXE
C:\WINDOWS\SYSTEM32\GNNUSUYL.EXE
C:\WINDOWS\SYSTEM32\GVCERGBU.EXE
C:\WINDOWS\SYSTEM32\HFEQMKUE.EXE
C:\WINDOWS\SYSTEM32\HHXMFOBO.EXE
C:\WINDOWS\SYSTEM32\HJPVWFGY.EXE
C:\WINDOWS\SYSTEM32\HYWAWCND.EXE
C:\WINDOWS\SYSTEM32\ICWTJKHS.EXE
C:\WINDOWS\SYSTEM32\IFANCLEJ.EXE
C:\WINDOWS\SYSTEM32\IGKBXPSO.EXE
C:\WINDOWS\SYSTEM32\IIQXMNKJ.EXE
C:\WINDOWS\SYSTEM32\INMYNRGB.EXE
C:\WINDOWS\SYSTEM32\IOKQVVFG.EXE
C:\WINDOWS\SYSTEM32\IQDAPRHA.EXE
C:\WINDOWS\SYSTEM32\IQGMEUNN.EXE
C:\WINDOWS\SYSTEM32\IRTGCFDW.EXE
C:\WINDOWS\SYSTEM32\ISHFMQDN.EXE
C:\WINDOWS\SYSTEM32\JDDMBAKY.EXE
C:\WINDOWS\SYSTEM32\JDMTWWUM.EXE
C:\WINDOWS\SYSTEM32\JEDOCAOS.EXE
C:\WINDOWS\SYSTEM32\JHGTATCA.EXE
C:\WINDOWS\SYSTEM32\JHYUTQCL.EXE
C:\WINDOWS\SYSTEM32\JNUYSGXR.EXE
C:\WINDOWS\SYSTEM32\JPXTYSWG.EXE
C:\WINDOWS\SYSTEM32\JYDBBHFB.EXE
C:\WINDOWS\SYSTEM32\KHJTUILB.EXE
C:\WINDOWS\SYSTEM32\KTVASKHO.EXE
C:\WINDOWS\SYSTEM32\KUMSEIBJ.EXE
C:\WINDOWS\SYSTEM32\LEQCYQVT.EXE
C:\WINDOWS\SYSTEM32\LJHHLWTQ.EXE
C:\WINDOWS\SYSTEM32\LKWJIWMP.EXE
C:\WINDOWS\SYSTEM32\LLDQKFHX.EXE
C:\WINDOWS\SYSTEM32\LNOWPKXV.EXE
C:\WINDOWS\SYSTEM32\MJTDJJIJ.EXE
C:\WINDOWS\SYSTEM32\MRMFXIBQ.EXE
C:\WINDOWS\SYSTEM32\NGJUKEXR.EXE
C:\WINDOWS\SYSTEM32\NHQRKJRY.EXE
C:\WINDOWS\SYSTEM32\NNQMWQNY.EXE
C:\WINDOWS\SYSTEM32\NTSAEKUM.EXE
C:\WINDOWS\SYSTEM32\NYPRCGKS.EXE
C:\WINDOWS\SYSTEM32\ODYLAUFS.EXE
C:\WINDOWS\SYSTEM32\OGQBVHGW.EXE
C:\WINDOWS\SYSTEM32\OOICDVWV.EXE
C:\WINDOWS\SYSTEM32\OPQNCKNS.EXE
C:\WINDOWS\SYSTEM32\PPLODGXN.EXE
C:\WINDOWS\SYSTEM32\PRUCJSNW.EXE
C:\WINDOWS\SYSTEM32\PRYGMFUV.EXE
C:\WINDOWS\SYSTEM32\PYEBOYKP.EXE
C:\WINDOWS\SYSTEM32\PYVVMPHE.EXE
C:\WINDOWS\SYSTEM32\QFWFRRHT.EXE
C:\WINDOWS\SYSTEM32\QGGEXRLO.EXE
C:\WINDOWS\SYSTEM32\QHFRAUOO.EXE
C:\WINDOWS\SYSTEM32\QPIDVDOK.EXE
C:\WINDOWS\SYSTEM32\QQSUHPYO.EXE
C:\WINDOWS\SYSTEM32\QRQCBBAW.EXE
C:\WINDOWS\SYSTEM32\QWNQXNKM.EXE
C:\WINDOWS\SYSTEM32\QYEOFJBA.EXE
C:\WINDOWS\SYSTEM32\RGGDCCQV.EXE
C:\WINDOWS\SYSTEM32\RJWUWQOB.EXE
C:\WINDOWS\SYSTEM32\RJYYSVYJ.EXE
C:\WINDOWS\SYSTEM32\RNPCNUWI.EXE
C:\WINDOWS\SYSTEM32\RQNAOXQY.EXE
C:\WINDOWS\SYSTEM32\RTMKRWQC.EXE
C:\WINDOWS\SYSTEM32\RUIASXPF.EXE
C:\WINDOWS\SYSTEM32\SDLJWKST.EXE
C:\WINDOWS\SYSTEM32\SNLQAKSE.EXE
C:\WINDOWS\SYSTEM32\SQHYCLPO.EXE
C:\WINDOWS\SYSTEM32\TCPNQRRT.EXE
C:\WINDOWS\SYSTEM32\TFSCOBQJ.EXE
C:\WINDOWS\SYSTEM32\TYUNIRKO.EXE
C:\WINDOWS\SYSTEM32\UEPEMIXV.EXE
C:\WINDOWS\SYSTEM32\UMGYLHTK.EXE
C:\WINDOWS\SYSTEM32\URFUKESM.EXE
C:\WINDOWS\SYSTEM32\USLRTPOQ.EXE
C:\WINDOWS\SYSTEM32\VADAALNP.EXE
C:\WINDOWS\SYSTEM32\VEWGJXPV.EXE
C:\WINDOWS\SYSTEM32\VNGQTEJX.EXE
C:\WINDOWS\SYSTEM32\WFUOWFGG.EXE
C:\WINDOWS\SYSTEM32\WULVFTBC.EXE
C:\WINDOWS\SYSTEM32\XERNOLDS.EXE
C:\WINDOWS\SYSTEM32\XGBEXHPG.EXE
C:\WINDOWS\SYSTEM32\XGOMHRSX.EXE
C:\WINDOWS\SYSTEM32\XTJUBLCG.EXE
C:\WINDOWS\SYSTEM32\XXOEUHWT.EXE
C:\WINDOWS\SYSTEM32\YGSQJVLV.EXE
C:\WINDOWS\SYSTEM32\YHDKKFTR.EXE
C:\WINDOWS\SYSTEM32\YHPLUUWS.EXE
C:\WINDOWS\SYSTEM32\YIRFQWEA.EXE
C:\WINDOWS\SYSTEM32\YWNIMHFD.EXE
C:\WINDOWS\SYSTEM32\YXIOKWYP.EXE
Trojan.Downloader-SpyTool
C:\WINDOWS\SYSTEM32\BFODLSIO.DLL
C:\WINDOWS\SYSTEM32\FPKKXOCO.DLL
C:\WINDOWS\SYSTEM32\NATMMXYV.DLL
C:\WINDOWS\SYSTEM32\OADOSVCS.DLL
C:\WINDOWS\SYSTEM32\PWABHUJS.DLL
C:\WINDOWS\SYSTEM32\TKTJWOYK.DLL
C:\WINDOWS\SYSTEM32\TQXGAXTF.DLL
Adware.Vundo/Traff-2
C:\WINDOWS\SYSTEM32\EMPJJOFD.EXE
C:\WINDOWS\SYSTEM32\FSPLWLHI.EXE
C:\WINDOWS\SYSTEM32\GNQWIQAA.EXE
C:\WINDOWS\SYSTEM32\GUIFDFSD.EXE
C:\WINDOWS\SYSTEM32\JMSELDQJ.EXE
C:\WINDOWS\SYSTEM32\LMFIAPMX.EXE
C:\WINDOWS\SYSTEM32\MHEQDJNO.EXE
C:\WINDOWS\SYSTEM32\PEJYVGUN.EXE
C:\WINDOWS\SYSTEM32\PRXSMACK.EXE
C:\WINDOWS\SYSTEM32\SGFSSCMQ.EXE
C:\WINDOWS\SYSTEM32\UEQYOUQJ.EXE
C:\WINDOWS\SYSTEM32\VLSCHOLD.EXE
C:\WINDOWS\SYSTEM32\YIEIXOEJ.EXE
Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\UTVYB.INI
C:\WINDOWS\SYSTEM32\UTVYB.INI2