Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC running slow. Possible rootkit.


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Process Explorer?
  • 0

Advertisements


#17
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Ron,

Here are the results from Process Explorer -

-----------------------------------------------------------------------------------------------------------------

Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
explorer.exe 1968 23,764 K 16,596 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
CALMAIN.exe 1728 1,000 K 404 K Canon Camera Access Library 8 Canon Inc. (Unable to verify) Canon Inc.
svchost.exe 1556 2,680 K 2,008 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
procexp.exe 1488 7.69 11,692 K 16,152 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
wmiprvse.exe 1376 2,728 K 4,832 K WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
IntuitUpdateService.exe 1320 27,824 K 6,216 K Intuit Update Service Intuit Inc. (Verified) Intuit, Inc.
svchost.exe 1308 2,956 K 496 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1260 1,320 K 292 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
spoolsv.exe 1148 3,572 K 1,080 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1064 1,688 K 1,640 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 984 2,344 K 332 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 932 1.54 11,264 K 9,488 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 848 1,700 K 1,412 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
firefox.exe 800 123,936 K 131,416 K Firefox Mozilla Corporation (Verified) Mozilla Corporation
svchost.exe 760 1,292 K 1,168 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
lsass.exe 608 3,664 K 808 K LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 596 1,708 K 1,308 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
winlogon.exe 552 1.54 5,732 K 2,300 K Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 524 1.54 1,524 K 1,820 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ltmsg.exe 484 472 K 232 K ltmsg Agere Systems (Verified) Microsoft Windows Hardware Compatibility Publisher
ContentTransferWMDetector.exe 476 2,032 K 904 K Content Transfer Walkman Detector Sony Corporation (Verified) Sony Corporation
smss.exe 460 168 K 48 K Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
shwicon2k.exe 424 668 K 292 K Alcor Micro, Corp. (Unable to verify) Alcor Micro, Corp.
hphmon05.exe 404 820 K 1,048 K HPHmon05 Hewlett-Packard (Unable to verify) Hewlett-Packard
hpsysdrv.exe 380 392 K 212 K hpsysdrv Hewlett-Packard Company (Unable to verify) Hewlett-Packard Company
System 4 0 K 44 K
System Idle Process 0 87.69 0 K 16 K
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs

----------------------------------------------------------------------------------------------------------------
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

What issues are you having?
  • 0

#19
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 30-08-2012 at 22:28:05
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Disabled. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download, Save and right click and Run As Admin servicesrepair.exe from ESET: http://kb.eset.com/l...vicesRepair.exe

Reboot when it finishes and then run the farbar service scanner as before.
  • 0

#21
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
2nd run of Farber -

Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 30-08-2012 at 22:54:57
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download and Save the attached fixsr.reg and then right click on it and Merge. Then reboot and run Farbar Service Scanner again and post the log.
  • 0

#23
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Farbar scan results after running fixsr -

------------------------------------------------------------------------------------------------------------Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 31-08-2012 at 09:46:52
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****
  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
OK. Looks like System Restore should now work. Also Windows updates should work too. What problems are you still seeing?
  • 0

#25
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
My biggest concern now is not being able to run ComboFix to ensure that I have eliminated all of the crap that I had in my system.
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Replace Comodo with the free Avast!
http://www.avast.com...ivirus-download

Download, Save, and right click and Run As Administrator.

Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?
Look in C:\ProgramData\Avast Software\Avast\report\aswboot.txt for a text copy of the report that you can copy and paste.

This is a really good scan but it takes a long time so I suggest you let it run overnight.
  • 0

#27
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi Ron,

Ran the AVAT BootScan and it found 38 infected files.
When I go into program files/avast software/avast/ there is no report...
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Can you do a screen shot of the report?
http://graphicssoft....nscreenshot.htm Save the file as a .jpg or the forum won't allow it.
  • 0

#29
CopperJohnny

CopperJohnny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi Ron,

I was finally able to find the report log -

------------------------------------------------------------------------------------------------------------

08/31/2012 20:16
Scan of all local drives


File C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\TDM\TDMInstall.exe|>Wise0010.bin Error 42145 {Installer archive is corrupted.}
File C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\TDM\TDMInstall.exe|>Wise0013.bin Error 42145 {Installer archive is corrupted.}
File C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\TDM\TDMInstall.exe|>Wise0016.bin Error 42145 {Installer archive is corrupted.}
File C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\TDM\TDMInstall.exe|>Wise0020.bin Error 42145 {Installer archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HD019_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05EV100_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HB025_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05NG002_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05NF002_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05NE002_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05MK004_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05hl025_d1.mt62|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05hk034_d1.mt61|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05LK010_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05LJ011_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05LG003_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05LF003_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HX021_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HP103_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HO103_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HN004_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HM004_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05ll005_d1.mt63|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05lm006_d1.mt64|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_05HG018_D0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27LF004_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HX022_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HP103_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HO103_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HN005_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HM005_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41mp002_a1.mt611|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nl003_a0.mt612|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HG019_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HD019_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27HB025_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27EV100_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nm003_a0.mt613|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27LG004_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27LJ011_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27LK010_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41mj013_a1.mt69|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41mj016_a0.mt610|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27MK004_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NE002_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NF002_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NG002_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NH010_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NI010_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NJ007_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27NK008_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27XP001_B0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27lm006_b1.mt68|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NP001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NQ001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NR001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NS001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NX001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41NY001_A0.MT6|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_29nk012_a0.mt61|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27yn001_b1.mt61|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27no003_b0.mt62|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27ll005_b1.mt67|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27hl026_b1.mt66|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27hk034_b1.mt65|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_29no003_a0.mt62|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nn003_a0.mt614|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41np002_a0.mt615|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41np101_a0.mt616|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nq003_a0.mt617|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nq102_a0.mt618|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nr004_a0.mt619|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nr101_a0.mt620|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41ns002_a0.mt621|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41ns101_a0.mt622|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nu002_a1.mt623|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nu102_a0.mt624|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nw002_a1.mt625|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nw102_a0.mt626|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nx002_a0.mt627|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41nx104_a0.mt628|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41ny002_a0.mt629|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41ny103_a0.mt630|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pa004_a0.mt631|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pb003_a0.mt632|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pc003_a0.mt633|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pd004_a0.mt634|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41ph003_a0.mt635|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pi003_a0.mt636|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_41pj003_a0.mt637|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi|>Data1.cab|>_27yi001_b0.mt62|>MTUNEDATA.MT6 Error 42125 {ZIP archive is corrupted.}
File C:\WINDOWS\n_ahscju.dat is infected by Win32:SpyBot-EWK [Trj], Moved to chest
File C:\WINDOWS\n_aiihws.txt is infected by Win32:Trojano-CYX [Trj], Moved to chest
File C:\WINDOWS\n_bufvxt.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_cvmxck.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_czvhcr.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_eblcjo.txt is infected by Win32:Agent-CN [Trj], Moved to chest
File C:\WINDOWS\n_eutddi.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_hfprzh.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_idwvtl.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_ilktij.txt is infected by Win32:Trojano-AIV [Trj], Moved to chest
File C:\WINDOWS\n_ltuftz.txt is infected by Win32:Agent-CF [Trj], Moved to chest
File C:\WINDOWS\n_ltuxik.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_mfudlk.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_mjyxyt.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_ndhjql.dat is infected by Win32:Trojano-AHS [Trj], Moved to chest
File C:\WINDOWS\n_oirvdw.dat is infected by Win32:Agent-CG [Trj], Moved to chest
File C:\WINDOWS\n_ooogrt.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_ouxief.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_pmsvkf.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_pxksru.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_qajybh.dat is infected by Win32:Trojano-AOY [Trj], Moved to chest
File C:\WINDOWS\n_qhcmwn.txt is infected by Win32:Agent-BY [Trj], Moved to chest
File C:\WINDOWS\n_qnxvsn.dat is infected by Win32:Agent-NH [Trj], Moved to chest
File C:\WINDOWS\n_qpxfvb.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_qqlgjv.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_rgxadg.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_sndrko.txt is infected by Win32:Trojano-DJP [Trj], Moved to chest
File C:\WINDOWS\n_sxzknk.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_txqrvf.dat is infected by Win32:Trojano-DQZ [Trj], Moved to chest
File C:\WINDOWS\n_uoxyzt.dat is infected by Win32:Agent-CN [Trj], Moved to chest
File C:\WINDOWS\n_vegoyp.dat is infected by Win32:Agent-CM [Trj], Moved to chest
File C:\WINDOWS\n_vvhfmp.txt is infected by Win32:Trojano-ATN [Trj], Moved to chest
File C:\WINDOWS\n_xhpysx.dat is infected by Win32:Agent-BR [Trj], Moved to chest
File C:\WINDOWS\n_xtehuw.txt is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_yhrlli.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_ykokpo.dat is infected by Win32:Agent-AMOY [Trj], Moved to chest
File C:\WINDOWS\n_yndyvp.dat is infected by Win32:Trojano-HG [Trj], Moved to chest
Number of searched folders: 12736
Number of tested files: 1032015
Number of infected files: 38
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Quite a collection of malware you had there.

I would manually delete the two files that it says are corrupt:

C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\TDM\TDMInstall.exe
C:\WINDOWS\Downloaded Installations\{0DAE287E-2ED0-4B7E-AFBF-C438C8DB0908}\Tuning Mode for Harley-Davidson Delphi v453.msi

Can you try a new Combofix download. Rename it to paul.exe

Before you run it:


Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted

It wouldn't hurt to run the boot time scan again. I've seen infections that took three runs before the scan came up clean.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP