Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

hclean32.exe [CLOSED]


  • This topic is locked This topic is locked

#1
shawnd

shawnd

    New Member

  • Member
  • Pip
  • 1 posts
Hi,

Got a popup from Norton last week saying that a hclean32.exe trojan file had been found on my system and quarantined. Since then the message has popped up whenever I turn on the computer. The computer has been running really slowly all week. Tried running some things like Spyware and Trend Micro and Panda's online scans to see if they would find anything, but each time I tried to use the programs they either froze up or an error message popped up and they shut themselves down.

Tried using the tools listed on this site (CleanUp!, Ad-aware SE, CWShredder, Ewido Security Suite ... said it found 200 infections!, TrojanHunter) and removed a bunch of stuff including a sketchy toolbar that showed up a week ago. Restarted my comp and haven't got the pop up from Norton yet, but things are still running a little slow. Was wondering if someone could please look over my logs and let me know if there are still any sketchy files that need to be removed.

Thank you very much for your help. I really appreciate it.

Shawn


Here is my HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 10:23:09 PM, on 9/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\HijackThis1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [UnSpyPC] "C:\Program Files\UnSpyPC\UnSpyPC.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {1E9EC64D-8981-40E8-A829-00BC351BFBBE} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {1E9EC64D-8981-40E8-A829-00BC351BFBBE} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {74EE703B-7DD1-437B-BF72-96E3C06ADE06} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {74EE703B-7DD1-437B-BF72-96E3C06ADE06} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AFBF4166-39EF-420F-BAA5-B3133F096416} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AFBF4166-39EF-420F-BAA5-B3133F096416} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E244E70C-52BF-4C9D-8772-62ED64D2F4FF} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E244E70C-52BF-4C9D-8772-62ED64D2F4FF} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F73FC69B-1964-4CA2-BA4E-BB3DE45E3701} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F73FC69B-1964-4CA2-BA4E-BB3DE45E3701} - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.co...laxoInstall.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.co...UC/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifes...ll/pinstall.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1125310554817
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivi...n/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://www.freedom.n...cabs/cssweb.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A04FF7D-8507-44A7-9100-04D8C6B6756A}: NameServer = 69.50.177.203,85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B4C4FA9-CE60-4048-B26C-801A63896DD4}: NameServer = 69.50.177.203 85.255.112.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0458F67-A1FB-4E2D-8A65-E3FAAD474DEA}: NameServer = 69.50.177.203,85.255.112.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A04FF7D-8507-44A7-9100-04D8C6B6756A}: NameServer = 69.50.177.203,85.255.112.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A04FF7D-8507-44A7-9100-04D8C6B6756A}: NameServer = 69.50.177.203,85.255.112.24
O20 - Winlogon Notify: iexplore - ErR\i.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Here is my ewido security suite log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:43:46 PM, 9/19/2005
+ Report-Checksum: 3A883DE6

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{08BEC6AA-49FC-4379-3587-4B21E286C19E} -> Spyware.SBSoft : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7F6828CA-9E42-462C-BC60-418C8144012C} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{491BE5B7-A7F8-40EC-AAD4-CBA11FDFD814} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{09CA52B3-703C-4B17-9690-C13F736E3DCD} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{29358AA6-679D-44EA-8A51-59A3C6E6F811} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{8EA362BD-39CB-40F5-9226-73CD40999095} -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08BEC6AA-49FC-4379-3587-4B21E286C19E} -> Spyware.SBSoft : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6828CA-9E42-462C-BC60-418C8144012C} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Windows ServeAd -> Spyware.BlazeFind : Cleaned with backup
[1672] C:\WINDOWS\System32\umsjc.dll -> Spyware.SBSoft : Error during cleaning
[3840] C:\WINDOWS\System32\umsjc.dll -> Spyware.SBSoft : Error during cleaning
[1176] c:\windows\system\bhomod00.dll -> TrojanDownloader.Agent.mk : Error during cleaning
C:\!Submit\2.00.00.dll -> Spyware.Ihbo : Cleaned with backup
C:\Documents and Settings\User\Application Data\Mercora\MercoraClient\Data\MyPictures.dat -> Spyware.Grokster : Cleaned with backup
C:\Documents and Settings\User\Cookies\user@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\53DA0B42-166C-4067-A1D9-A3F1B7\1BA0CB85-6B48-414A-AE9C-579295 -> Spyware.Ihbo : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP123\A0078505.exe -> Trojan.DNSChanger.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP123\A0078506.exe -> Trojan.DNSChanger.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP123\A0078507.EXE -> Dialer.Generic : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP126\A0081664.exe -> Trojan.DNSChanger.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP126\A0081665.exe -> Trojan.DNSChanger.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0081679.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0081680.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082654.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082661.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082662.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082663.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082684.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082685.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0082689.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083687.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083702.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083703.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083704.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083705.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083706.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083712.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083715.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083716.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083717.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083719.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083729.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083734.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083735.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0083736.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0084729.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0084738.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085735.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085750.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085751.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085757.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085760.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085761.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP127\A0085767.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0085774.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0085775.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0085776.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086767.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086773.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086775.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086776.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086777.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086781.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086796.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086797.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086806.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086807.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086815.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086872.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086873.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP128\A0086874.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086884.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086898.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086927.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086928.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086929.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086930.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086931.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086932.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086955.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0086956.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0087895.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0087908.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0087915.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0087934.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088933.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088939.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088954.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088969.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088974.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088975.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP129\A0088976.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089015.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089016.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089018.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089019.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089969.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089994.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0089999.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0090996.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0091001.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0091002.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0091003.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0091996.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0092001.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP130\A0092002.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP131\A0092999.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP131\A0093008.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP131\A0093009.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP131\A0093010.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0093034.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0093035.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0093999.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094002.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094003.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094004.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094009.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094011.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094012.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0094013.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095009.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095051.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095052.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095059.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095060.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095062.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095067.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095068.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095069.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095074.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095126.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP133\A0095127.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0096071.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0096080.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097077.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097091.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097092.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097093.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097116.exe -> Trojan.DNSChanger.x : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097119.exe -> Trojan.DNSChanger.x : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097138.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097139.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097150.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097156.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097157.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097158.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097167.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097173.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097233.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097234.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097236.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097247.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097249.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0097250.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098239.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098316.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098317.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098340.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098341.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP134\A0098342.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0098351.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0098364.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0098365.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099348.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099353.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099354.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099355.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099357.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP135\A0099358.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099390.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099396.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099405.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099407.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099408.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099409.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099459.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0099460.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0100402.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0101402.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0102402.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0103402.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0103411.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0103458.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0103459.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP136\A0103460.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103498.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103515.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103516.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103539.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103553.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103558.exe -> Trojan.Qhost.qr : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103559.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103560.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103577.exe -> Spyware.FindSpy : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103578.exe -> Spyware.Msnagent : Cleaned with backup
C:\System Volume Information\_restore{F63E46F3-8A08-4702-94A0-7D1E4378BB25}\RP137\A0103611.exe -> TrojanDropper.Vidro.u : Cleaned with backup
C:\WINDOWS\system\__delete_on_reboot__bhomod00.dll -> TrojanDownloader.Agent.mk : Cleaned with backup
C:\WINDOWS\system32\tvldy.exe -> Trojan.DNSChanger.x : Cleaned with backup
C:\WINDOWS\system32\zyfla.exe -> Trojan.DNSChanger.x : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__umsjc.dll -> Spyware.SBSoft : Cleaned with backup


::Report End

Thanks!
  • 0

Advertisements


#2
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Hi Shawn and welcome to GTG.

Please read the first link in my signature and follow the steps outlined there. You must install XP SP1a (hold off on SP2 until your computer is clean). Without SP1a, you are wide open to re-infection. When you are ready, post a new HijackThis log here.
  • 0

#3
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP