Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: Firefox and IE problems (No online scanners are working)

  1. #1
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default Firefox and IE problems (No online scanners are working)

    Hello, as I said before I'm having a lot of trouble with both IE and Firefox. The problem is that IE has been completely disabled somehow. I can open it but I can use it. Therefore I CANNOT do ANY online scanners. Also, in Firefox it seems to be blocking frequented websites when I KNOW they work. Whenever I try to do an online virus scan using Firefox, it crashes no matter which ones I try.

    Please help me out... I understand you guys have a certain procedure and I have looked at it several times. I repeat I cannot use any online scanners.

    Here, once again is a logfile using Hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 7:01:34 PM, on 5/4/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijackthis\hijackthis\Pimpjiggy.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Sympatico
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A8D1239C-552B-4819-A3FA-8CB87224A400} - C:\WINDOWS\system\bdsa.dll
    O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\wgihblpi.dll
    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
    O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\ilnsxety.dll",realset
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [Pinnacle Game Profiler] "C:\Program Files\KALiNKOsoft\Pinnacle Game Profiler\pinnacle.exe" -atboottime
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZNfox000
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O15 - Trusted Zone: http://locator1.cdn.imageservr.com
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.2.89.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.co...s/MsnPUpld.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zang...e46115b5703919
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6B41F12B-ADE9-454C-93F7-23CC545BA979}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{964229AD-5E57-4501-B4D8-BFE698190100}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D080EB38-E298-4FB6-8DE4-E98BF3E3DA02}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.122 85.255.112.169
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: bdsa - C:\WINDOWS\system\bdsa.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello.

    I closed your other topic:
    http://forums.spybot.info/showthread...3929#post83929

    I am afraid you are delaying assistance by not following the procedures we have posted and pinned in this forum. For instance, we clearly ask members not to start new topics for the same PC problem.

    "BEFORE you POST" Mandatory Steps Before Requesting Assistance

    If you cannot run a scan, no problem, that can be addressed once a helper responds.

    But please do not post more HJT logs, comments or start new topics. Helpers look for zero replies.

    If you have waited four days for advice post here.

    Best wishes.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    Default

    Hello The New Blueguy and sorry for the delay...

    You're infected...Let's begin the cleaning...

    At first you need to disable a few realtime protections. These may interfere with our cleaning process.
    We'll enable these when you're clean...

    Disable Spybot S&D Teatimer.
    • Run Spybot-S&D in Advanced Mode
    • If it is not already set to do this, go to the Mode menu select "Advanced Mode"
    • On the left hand side, click on Tools
    • Then click on the Resident icon in the list
    • Uncheck "Resident TeaTimer" and OK any prompts.
    • Restart your computer



    You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

    Please download FixWareout from one of these sites:
    http://downloads.subratam.org/Fixwareout.exe
    http://www.bleepingcomputer.com/file...Fixwareout.exe

    Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

    At the end of the fix, you may need to restart your computer again.

    Please download VundoFix.exe to your desktop.
    • Double-click VundoFix.exe to run it.
    • Click the Scan for Vundo button.
    • Once it's done scanning, click the Remove Vundo button.
    • You will receive a prompt asking if you want to remove the files, click YES
    • Once you click yes, your desktop will go blank as it starts removing Vundo.
    • When completed, it will prompt that it will reboot your computer, click OK.
    • Please post the contents of C:\vundofix.txt and a new HiJackThis log along with the contents of the logfile C:\fixwareout\report.txt

    Note: It is possible that VundoFix encountered a file it could not remove.
    In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

    MalWare Removal University - You too could train to help others
    UNITE & ASAP member since 2006

  4. #4
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    Here is the Fixwareout report:



    Fixwareout Last edited 4/5/2007
    Post this report in the forums please
    ...
    »»»»»Prerun check
    HKLM\SOFTWARE\~\Winlogon\ "System"="kdsro.exe"

    »»»»» System restarted

    »»»»» Postrun check
    HKLM\SOFTWARE\~\Winlogon\ "system"=""
    ....
    ....
    »»»»» Misc files.
    ....
    »»»»» Checking for older varients.
    ....

    Search five digit cs, dm, kd, jb, other, files.
    The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.



    Click browse, find the file then click submit.
    http://www.virustotal.com/flash/index_en.html
    Or http://virusscan.jotti.org/

    »»»»» Other
    C:\WINDOWS\Temp\kdsro.ren 63488 08/04/2004



    »»»»» Current runs
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""
    "My Web Search Bar Search Scope Monitor"="\"C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\m3SrchMn.exe\" /m=0"
    "XboxStat"="\"c:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun"
    "InfoData"="rundll32.exe \"C:\\WINDOWS\\system32\\ilnsxety.dll\",realset"
    "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
    65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    "Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    "BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
    "MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
    "updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1"
    "igndlm.exe"="C:\\Program Files\\IGN\\Download Manager\\DLM.exe /windowsstart /startifwork"
    "Pinnacle Game Profiler"="\"C:\\Program Files\\KALiNKOsoft\\Pinnacle Game Profiler\\pinnacle.exe\" -atboottime"
    "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    ....
    Hosts file was reset, If you use a custom hosts file please replace it
    »»»»» End report »»»»»

  5. #5
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    Here is the Vundofix log:



    VundoFix V6.3.21

    Checking Java version...

    Java version is 1.4.2.3
    Old versions of java are exploitable and should be removed.

    Scan started at 12:13:13 AM 5/8/2007

    Listing files found while scanning....

    C:\WINDOWS\system\asdb.bak1
    C:\WINDOWS\system\asdb.bak2
    C:\WINDOWS\system\asdb.ini
    C:\WINDOWS\system\bdsa.dll
    C:\WINDOWS\system32\aabcqdlo.exe
    C:\WINDOWS\system32\aaphduxq.dll
    C:\WINDOWS\system32\aehrmgoe.dll
    C:\WINDOWS\system32\aidhpalu.exe
    C:\WINDOWS\system32\alltlijy.dll
    C:\WINDOWS\system32\aqkiueey.dll
    C:\WINDOWS\system32\bdjptlpn.dll
    C:\WINDOWS\system32\bqauknng.exe
    C:\WINDOWS\system32\cbnwgyos.ini
    C:\WINDOWS\system32\dghfglrw.exe
    C:\WINDOWS\system32\dupbvlrx.exe
    C:\WINDOWS\system32\dwolvwrf.dll
    C:\WINDOWS\system32\eckjeltn.dll
    C:\WINDOWS\system32\egtsfiku.exe
    C:\WINDOWS\system32\ehxuqqmd.exe
    C:\WINDOWS\system32\ekqqkorv.dll
    C:\WINDOWS\system32\emgychml.exe
    C:\WINDOWS\system32\epllwcvc.dll
    C:\WINDOWS\system32\evadunky.exe
    C:\WINDOWS\system32\faeuhvmi.dll
    C:\WINDOWS\system32\fftbxufi.exe
    C:\WINDOWS\system32\frjtgkwp.exe
    C:\WINDOWS\system32\gghjhixx.dll
    C:\WINDOWS\system32\gmpbgpps.exe
    C:\WINDOWS\system32\hhlekuss.dll
    C:\WINDOWS\system32\hnpbmmcs.dll
    C:\WINDOWS\system32\hoqvmaaa.exe
    C:\WINDOWS\system32\hvmqvdhp.exe
    C:\WINDOWS\system32\hxmodrry.dll
    C:\WINDOWS\system32\ilnsxety.dll
    C:\WINDOWS\system32\imriecle.exe
    C:\WINDOWS\system32\irldkrxn.exe
    C:\WINDOWS\system32\irxyrwau.dll
    C:\WINDOWS\system32\jfaicevu.exe
    C:\WINDOWS\system32\jmhdupsa.exe
    C:\WINDOWS\system32\kcxchqmp.exe
    C:\WINDOWS\system32\kdfmlxja.dll
    C:\WINDOWS\system32\kfbucyia.exe
    C:\WINDOWS\system32\kigcyrey.exe
    C:\WINDOWS\system32\knlpnslj.exe
    C:\WINDOWS\system32\kqfxnimn.dll
    C:\WINDOWS\system32\kvycdmch.exe
    C:\WINDOWS\system32\ldwggksb.exe
    C:\WINDOWS\system32\ljhexgex.exe
    C:\WINDOWS\system32\lkpuhwbg.dll
    C:\WINDOWS\system32\luvuedfo.dll
    C:\WINDOWS\system32\lwacgpao.dll
    C:\WINDOWS\system32\mdntcdbr.dll
    C:\WINDOWS\system32\mjwfitei.dll
    C:\WINDOWS\system32\mmnhehah.dll
    C:\WINDOWS\system32\moagmhlw.exe
    C:\WINDOWS\system32\nafmpwgv.exe
    C:\WINDOWS\system32\nejlmwhu.dll
    C:\WINDOWS\system32\neulhijs.dll
    C:\WINDOWS\system32\newugovk.exe
    C:\WINDOWS\system32\nsqaorwy.exe
    C:\WINDOWS\system32\ofqofxbc.exe
    C:\WINDOWS\system32\okohechd.dll
    C:\WINDOWS\system32\owthsemo.exe
    C:\WINDOWS\system32\oynmbwuv.dll
    C:\WINDOWS\system32\plfirmaw.exe
    C:\WINDOWS\system32\pmdkqglt.dll
    C:\WINDOWS\system32\pquimifp.dll
    C:\WINDOWS\system32\prbdklry.dll
    C:\WINDOWS\system32\qhbhpfxm.exe
    C:\WINDOWS\system32\qngijply.exe
    C:\WINDOWS\system32\qnofnybq.dll
    C:\WINDOWS\system32\qtvvxral.dll
    C:\WINDOWS\system32\qveugrrx.dll
    C:\WINDOWS\system32\qwpojtaf.dll
    C:\WINDOWS\system32\qytrkttj.exe
    C:\WINDOWS\system32\rcdjndgx.exe
    C:\WINDOWS\system32\rkeaaaam.exe
    C:\WINDOWS\system32\rpoeqmbh.dll
    C:\WINDOWS\system32\rqapapug.exe
    C:\WINDOWS\system32\rsfdrubw.exe
    C:\WINDOWS\system32\saipjecf.exe
    C:\WINDOWS\system32\sgcodpim.dll
    C:\WINDOWS\system32\sipjpcif.dll
    C:\WINDOWS\system32\sllkcmjs.dll
    C:\WINDOWS\system32\soygwnbc.dll
    C:\WINDOWS\system32\soyspeji.dll
    C:\WINDOWS\system32\ssdxysts.exe
    C:\WINDOWS\system32\svaianib.exe
    C:\WINDOWS\system32\sxrlewke.exe
    C:\WINDOWS\system32\tcgnayub.dll
    C:\WINDOWS\system32\thdctafr.exe
    C:\WINDOWS\system32\tnkodymf.exe
    C:\WINDOWS\system32\tyyomhbn.dll
    C:\WINDOWS\system32\ubqnnegq.dll
    C:\WINDOWS\system32\udbjamid.exe
    C:\WINDOWS\system32\uqlfpuyl.dll
    C:\WINDOWS\system32\uttbvcoo.dll
    C:\WINDOWS\system32\uwixlnyi.dll
    C:\WINDOWS\system32\vbenbchb.dll
    C:\WINDOWS\system32\vbnofecs.dll
    C:\WINDOWS\system32\vbtuvvso.exe
    C:\WINDOWS\system32\velfsuga.exe
    C:\WINDOWS\system32\vhtlthwg.dll
    C:\WINDOWS\system32\vlqcbmfr.dll
    C:\WINDOWS\system32\vltgekky.dll
    C:\WINDOWS\system32\vtargees.exe
    C:\WINDOWS\system32\vtiwokuu.dll
    C:\WINDOWS\system32\vutojqrl.dll
    C:\WINDOWS\system32\wabekqgw.exe
    C:\WINDOWS\system32\wcdthyba.exe
    C:\WINDOWS\system32\wcybvrdc.exe
    C:\WINDOWS\system32\wgihblpi.dll
    C:\WINDOWS\system32\wjjfladv.dll
    C:\WINDOWS\system32\wlbwvqex.dll
    C:\WINDOWS\system32\wqypqrfg.exe
    C:\WINDOWS\system32\wvvpagdi.exe
    C:\WINDOWS\system32\xxvdkfnw.dll
    C:\WINDOWS\system32\ycdjohwj.dll
    C:\WINDOWS\system32\yegogkjj.exe
    C:\WINDOWS\system32\ygmnehfc.dll
    C:\WINDOWS\system32\yhanqkel.exe
    C:\WINDOWS\system32\yhucbmdi.exe
    C:\WINDOWS\system32\ytexsnli.ini
    C:\WINDOWS\system32\yvqoxqrn.dll
    C:\WINDOWS\system32\yxylhqvw.dll
    C:\WINDOWS\system32\yyimfaek.exe

    Beginning removal...

    Attempting to delete C:\WINDOWS\system\asdb.bak1
    C:\WINDOWS\system\asdb.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system\asdb.bak2
    C:\WINDOWS\system\asdb.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system\asdb.ini
    C:\WINDOWS\system\asdb.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system\bdsa.dll
    C:\WINDOWS\system\bdsa.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\aabcqdlo.exe
    C:\WINDOWS\system32\aabcqdlo.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\aaphduxq.dll
    C:\WINDOWS\system32\aaphduxq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\aehrmgoe.dll
    C:\WINDOWS\system32\aehrmgoe.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\aidhpalu.exe
    C:\WINDOWS\system32\aidhpalu.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\alltlijy.dll
    C:\WINDOWS\system32\alltlijy.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\aqkiueey.dll
    C:\WINDOWS\system32\aqkiueey.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\bdjptlpn.dll
    C:\WINDOWS\system32\bdjptlpn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\bqauknng.exe
    C:\WINDOWS\system32\bqauknng.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\cbnwgyos.ini
    C:\WINDOWS\system32\cbnwgyos.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\dghfglrw.exe
    C:\WINDOWS\system32\dghfglrw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\dupbvlrx.exe
    C:\WINDOWS\system32\dupbvlrx.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\dwolvwrf.dll
    C:\WINDOWS\system32\dwolvwrf.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\eckjeltn.dll
    C:\WINDOWS\system32\eckjeltn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\egtsfiku.exe
    C:\WINDOWS\system32\egtsfiku.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ehxuqqmd.exe
    C:\WINDOWS\system32\ehxuqqmd.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ekqqkorv.dll
    C:\WINDOWS\system32\ekqqkorv.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\emgychml.exe
    C:\WINDOWS\system32\emgychml.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\epllwcvc.dll
    C:\WINDOWS\system32\epllwcvc.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\evadunky.exe
    C:\WINDOWS\system32\evadunky.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\faeuhvmi.dll
    C:\WINDOWS\system32\faeuhvmi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\fftbxufi.exe
    C:\WINDOWS\system32\fftbxufi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\frjtgkwp.exe
    C:\WINDOWS\system32\frjtgkwp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gghjhixx.dll
    C:\WINDOWS\system32\gghjhixx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gmpbgpps.exe
    C:\WINDOWS\system32\gmpbgpps.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hhlekuss.dll
    C:\WINDOWS\system32\hhlekuss.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hnpbmmcs.dll
    C:\WINDOWS\system32\hnpbmmcs.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hoqvmaaa.exe
    C:\WINDOWS\system32\hoqvmaaa.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hvmqvdhp.exe
    C:\WINDOWS\system32\hvmqvdhp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hxmodrry.dll
    C:\WINDOWS\system32\hxmodrry.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ilnsxety.dll
    C:\WINDOWS\system32\ilnsxety.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\imriecle.exe
    C:\WINDOWS\system32\imriecle.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\irldkrxn.exe
    C:\WINDOWS\system32\irldkrxn.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\irxyrwau.dll
    C:\WINDOWS\system32\irxyrwau.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jfaicevu.exe
    C:\WINDOWS\system32\jfaicevu.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jmhdupsa.exe
    C:\WINDOWS\system32\jmhdupsa.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kcxchqmp.exe
    C:\WINDOWS\system32\kcxchqmp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kdfmlxja.dll
    C:\WINDOWS\system32\kdfmlxja.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kfbucyia.exe
    C:\WINDOWS\system32\kfbucyia.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kigcyrey.exe
    C:\WINDOWS\system32\kigcyrey.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\knlpnslj.exe
    C:\WINDOWS\system32\knlpnslj.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kqfxnimn.dll
    C:\WINDOWS\system32\kqfxnimn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kvycdmch.exe
    C:\WINDOWS\system32\kvycdmch.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ldwggksb.exe
    C:\WINDOWS\system32\ldwggksb.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ljhexgex.exe
    C:\WINDOWS\system32\ljhexgex.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\lkpuhwbg.dll
    C:\WINDOWS\system32\lkpuhwbg.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\luvuedfo.dll
    C:\WINDOWS\system32\luvuedfo.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\lwacgpao.dll
    C:\WINDOWS\system32\lwacgpao.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mdntcdbr.dll
    C:\WINDOWS\system32\mdntcdbr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mjwfitei.dll
    C:\WINDOWS\system32\mjwfitei.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mmnhehah.dll
    C:\WINDOWS\system32\mmnhehah.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\moagmhlw.exe
    C:\WINDOWS\system32\moagmhlw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nafmpwgv.exe
    C:\WINDOWS\system32\nafmpwgv.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nejlmwhu.dll
    C:\WINDOWS\system32\nejlmwhu.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\neulhijs.dll
    C:\WINDOWS\system32\neulhijs.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\newugovk.exe
    C:\WINDOWS\system32\newugovk.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nsqaorwy.exe
    C:\WINDOWS\system32\nsqaorwy.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ofqofxbc.exe
    C:\WINDOWS\system32\ofqofxbc.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\okohechd.dll
    C:\WINDOWS\system32\okohechd.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\owthsemo.exe
    C:\WINDOWS\system32\owthsemo.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\oynmbwuv.dll
    C:\WINDOWS\system32\oynmbwuv.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\plfirmaw.exe
    C:\WINDOWS\system32\plfirmaw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pmdkqglt.dll
    C:\WINDOWS\system32\pmdkqglt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pquimifp.dll
    C:\WINDOWS\system32\pquimifp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\prbdklry.dll
    C:\WINDOWS\system32\prbdklry.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qhbhpfxm.exe
    C:\WINDOWS\system32\qhbhpfxm.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qngijply.exe
    C:\WINDOWS\system32\qngijply.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qnofnybq.dll
    C:\WINDOWS\system32\qnofnybq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qtvvxral.dll
    C:\WINDOWS\system32\qtvvxral.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qveugrrx.dll
    C:\WINDOWS\system32\qveugrrx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qwpojtaf.dll
    C:\WINDOWS\system32\qwpojtaf.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qytrkttj.exe
    C:\WINDOWS\system32\qytrkttj.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rcdjndgx.exe
    C:\WINDOWS\system32\rcdjndgx.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rkeaaaam.exe
    C:\WINDOWS\system32\rkeaaaam.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rpoeqmbh.dll
    C:\WINDOWS\system32\rpoeqmbh.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rqapapug.exe
    C:\WINDOWS\system32\rqapapug.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rsfdrubw.exe
    C:\WINDOWS\system32\rsfdrubw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\saipjecf.exe
    C:\WINDOWS\system32\saipjecf.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sgcodpim.dll
    C:\WINDOWS\system32\sgcodpim.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sipjpcif.dll
    C:\WINDOWS\system32\sipjpcif.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sllkcmjs.dll
    C:\WINDOWS\system32\sllkcmjs.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\soygwnbc.dll
    C:\WINDOWS\system32\soygwnbc.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\soyspeji.dll
    C:\WINDOWS\system32\soyspeji.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ssdxysts.exe
    C:\WINDOWS\system32\ssdxysts.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\svaianib.exe
    C:\WINDOWS\system32\svaianib.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sxrlewke.exe
    C:\WINDOWS\system32\sxrlewke.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tcgnayub.dll
    C:\WINDOWS\system32\tcgnayub.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\thdctafr.exe
    C:\WINDOWS\system32\thdctafr.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tnkodymf.exe
    C:\WINDOWS\system32\tnkodymf.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tyyomhbn.dll
    C:\WINDOWS\system32\tyyomhbn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ubqnnegq.dll
    C:\WINDOWS\system32\ubqnnegq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\udbjamid.exe
    C:\WINDOWS\system32\udbjamid.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\uqlfpuyl.dll
    C:\WINDOWS\system32\uqlfpuyl.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\uttbvcoo.dll
    C:\WINDOWS\system32\uttbvcoo.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\uwixlnyi.dll
    C:\WINDOWS\system32\uwixlnyi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vbenbchb.dll
    C:\WINDOWS\system32\vbenbchb.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vbnofecs.dll
    C:\WINDOWS\system32\vbnofecs.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vbtuvvso.exe
    C:\WINDOWS\system32\vbtuvvso.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\velfsuga.exe
    C:\WINDOWS\system32\velfsuga.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vhtlthwg.dll
    C:\WINDOWS\system32\vhtlthwg.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vlqcbmfr.dll
    C:\WINDOWS\system32\vlqcbmfr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vltgekky.dll
    C:\WINDOWS\system32\vltgekky.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtargees.exe
    C:\WINDOWS\system32\vtargees.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtiwokuu.dll
    C:\WINDOWS\system32\vtiwokuu.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vutojqrl.dll
    C:\WINDOWS\system32\vutojqrl.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wabekqgw.exe
    C:\WINDOWS\system32\wabekqgw.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wcdthyba.exe
    C:\WINDOWS\system32\wcdthyba.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wcybvrdc.exe
    C:\WINDOWS\system32\wcybvrdc.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wgihblpi.dll
    C:\WINDOWS\system32\wgihblpi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wjjfladv.dll
    C:\WINDOWS\system32\wjjfladv.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wlbwvqex.dll
    C:\WINDOWS\system32\wlbwvqex.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wqypqrfg.exe
    C:\WINDOWS\system32\wqypqrfg.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wvvpagdi.exe
    C:\WINDOWS\system32\wvvpagdi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xxvdkfnw.dll
    C:\WINDOWS\system32\xxvdkfnw.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ycdjohwj.dll
    C:\WINDOWS\system32\ycdjohwj.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yegogkjj.exe
    C:\WINDOWS\system32\yegogkjj.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ygmnehfc.dll
    C:\WINDOWS\system32\ygmnehfc.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yhanqkel.exe
    C:\WINDOWS\system32\yhanqkel.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yhucbmdi.exe
    C:\WINDOWS\system32\yhucbmdi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ytexsnli.ini
    C:\WINDOWS\system32\ytexsnli.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yvqoxqrn.dll
    C:\WINDOWS\system32\yvqoxqrn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yxylhqvw.dll
    C:\WINDOWS\system32\yxylhqvw.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yyimfaek.exe
    C:\WINDOWS\system32\yyimfaek.exe Has been deleted!

    Performing Repairs to the registry.
    Done!

  6. #6
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    And finally... Here's the fresh HJT Log:


    Logfile of HijackThis v1.99.1
    Scan saved at 12:47:26 AM, on 5/8/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\hijackthis\hijackthis\Pimpjiggy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Sympatico
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0805E331-F6AF-454C-B679-15974247B531} - C:\WINDOWS\system\bdsa.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
    O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\ilnsxety.dll",realset
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [Pinnacle Game Profiler] "C:\Program Files\KALiNKOsoft\Pinnacle Game Profiler\pinnacle.exe" -atboottime
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O15 - Trusted Zone: http://locator1.cdn.imageservr.com
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.2.89.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.co...s/MsnPUpld.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zang...e46115b5703919
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6B41F12B-ADE9-454C-93F7-23CC545BA979}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{964229AD-5E57-4501-B4D8-BFE698190100}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D080EB38-E298-4FB6-8DE4-E98BF3E3DA02}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.122 85.255.112.169
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WB - C:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

  7. #7
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    Default

    Hi again, we'll continue
    Looks better already...

    You should print these instructions or save these to a text file. Follow these instructions carefully.

    Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
    http://www.ewido.net/en/download/
    • Install AVG Anti-Spyware by double clicking the installer.
    • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
    • On the main screen under Your Computer's security.
      • Click on Change state next to Resident shield. It should now change to inactive.
      • Click on Change state next to Automatic updates. It should now change to inactive.
      • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
      • Wait until you see the Update succesfull message.
    • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
    • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
    If you are having problems with the updater, you can use this link to manually update ewido.
    AVG Anti-Spyware manual updates.
    Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.

    Download ATF Cleaner by Atribune to your desktop.
    Do NOT run yet.

    ==================

    Run HijackThis, click Do a system scan only, and check the box next to each of these entries if still present. Close all other windows and press Fix checked. If something isn't there, please continue with the next entry in the list. Fix the O15s too if you haven't added those to the Trusted Zone on purpose.

    O2 - BHO: (no name) - {0805E331-F6AF-454C-B679-15974247B531} - C:\WINDOWS\system\bdsa.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\ilnsxety.dll",realset
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O15 - Trusted Zone: http://locator1.cdn.imageservr.com
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zang...e46115b5703919
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6B41F12B-ADE9-454C-93F7-23CC545BA979}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{964229AD-5E57-4501-B4D8-BFE698190100}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D080EB38-E298-4FB6-8DE4-E98BF3E3DA02}: NameServer = 85.255.113.122,85.255.112.169
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.122 85.255.112.169

    Now lets check some settings on your system.
    (2000/XP) Only
    In the windows control panel. If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for cable and dsl, and left click on properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says Obtain DNS servers automatically
    Press OK twice to get out of the properties screen and reboot if it asks.
    That option might not be avaiable on some systems
    Next Go start run type cmd and hit OK
    type
    ipconfig /flushdns
    then hit enter, type exit hit enter
    (that space between g and / is needed)

    Restart your computer to the safe mode:
    • Restart your computer
    • Start tapping the F8 key when the computer restarts.
    • When the start menu opens, choose Safe mode
    • Press Enter. The computer then begins to start in Safe mode.


    Run ATF Cleaner
    • Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.

    Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
    • Click on Scanner on the toolbar.
    • Click on the Settings tab.
      • Under How to act?
        • Click on Recommended Action and choose Quarantine from the popup menu.
      • Under How to scan?
        • All checkboxes should be ticked.
      • Under Possibly unwanted software:
        • All checkboxes should be ticked.
      • Under Reports:
        • Select Automatically generate report after every scan and uncheck Only if threats were found.
      • Under What to scan?
        • Select Scan every file.
    • Click on the Scan tab.
    • Click on Complete System Scan to start the scan process.
    • Let the program scan the machine.
    • When the scan has finished, follow the instructions below.
      IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
      • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
      • At the bottom of the window click on the Apply all Actions button. (3)
    • When done, click the Save Scan Report button. (4)
      • Click the Save Report as button.
      • Save the report to your Desktop.
    • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
    Reboot in Normal Mode.

    ================

    When you're ready, please post the following logs to here:
    - AVG's report
    - a fresh HijackThis log
    MalWare Removal University - You too could train to help others
    UNITE & ASAP member since 2006

  8. #8
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    Here's the AVG report:



    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 10:46:52 AM 5/8/2007

    + Scan result:



    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP626\A0520170.exe -> Adware.FreeVideo : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP591\A0474897.dll -> Adware.Lop : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522310.exe -> Adware.Searchcolor : Cleaned with backup (quarantined).
    C:\VundoFix Backups\wcdthyba.exe.bad -> Adware.Searchcolor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP626\A0520157.dll -> Adware.Searchcolours : Cleaned with backup (quarantined).
    C:\Downloads\TheGameOfLife-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gpwcmriw.dll -> Adware.Winfixer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP591\A0474898.exe -> Backdoor.Agent.dn : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ooxjxgpq.dll -> Logger.Agent.ps : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dwuuevtw.dll -> Logger.VBStat.c : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522206.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522209.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522210.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522211.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522216.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522217.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522220.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522222.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522224.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522227.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522229.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522230.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522233.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522237.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522249.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522250.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522251.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522253.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522257.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522262.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522264.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522267.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522278.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522286.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522294.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522299.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522300.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522303.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522304.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522308.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522313.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522317.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522318.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522324.dll -> Logger.VBStat.e : Cleaned with backup (quarantined).

  9. #9
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    C:\VundoFix Backups\aaphduxq.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\alltlijy.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\aqkiueey.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\bdjptlpn.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\dwolvwrf.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\eckjeltn.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\ekqqkorv.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\epllwcvc.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\faeuhvmi.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\gghjhixx.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\hhlekuss.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\hnpbmmcs.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\hxmodrry.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\irxyrwau.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\lkpuhwbg.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\luvuedfo.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\lwacgpao.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\mjwfitei.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\nejlmwhu.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\okohechd.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\oynmbwuv.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\pquimifp.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\rpoeqmbh.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\soyspeji.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\ubqnnegq.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\vbenbchb.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\vbnofecs.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\vhtlthwg.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\vlqcbmfr.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\vutojqrl.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\wjjfladv.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\xxvdkfnw.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\ycdjohwj.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\yxylhqvw.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\agutothr.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\alurdcco.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\amklwgoh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\atxhklfb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\bdmjktcp.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\beisjtbk.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\boxvpbsi.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ccxnrvuu.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\cdmdprmd.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\cencrfau.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ceuimujb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\crtfduow.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\cwqgjwqw.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\cwxkxims.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dgaawnhv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dqxdkpih.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dsvpvyqt.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\edfvufjl.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\eefoysts.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\efnfvvdo.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\epdlcumh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\erutkjuy.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\evkvhiwv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ewynuqcm.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\fogyltqp.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\fspqnkai.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\fwqcmfud.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\fytrmurd.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gfsmuwih.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gfunhhsh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gifuhmax.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gkmwxyxt.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gmdbqqnr.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gspymljc.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\gtbvmiux.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hembqwrw.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\heoapcls.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hfhsfsqj.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hiceggqv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hykrripi.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\iammoeqb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\igqjffce.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ioxgqxod.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\iqldptwb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\jetnaxqq.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\jmikprsv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\joxhdhdg.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\jufoaolf.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\jvlncyjf.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\jwbtothc.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\khhqynrf.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\khrhfbdb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\kmqcmiwt.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ksulmbja.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\lbawbatt.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\lgbyjbkv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\llhkuphu.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\luckuiec.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\mrglqfvk.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ndpwjlmv.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\neigsoxn.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nidfeypb.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nkhtgflh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nmogbbhg.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nwanubcr.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\omkfchwe.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\oyeqtcyj.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\pklhnlka.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\pmifdkua.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\pyilobvo.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\qcmrkyyy.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\qincdxwo.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\qweqayng.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).

  10. #10
    Junior Member
    Join Date
    May 2007
    Posts
    24

    Default

    C:\WINDOWS\system32\rllpoeoi.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\rntalomj.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\rolnagvj.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\rrivdlxe.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\rsayvwpx.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\rxmdhusk.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\sdwiplgh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\sedjytql.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\sfamshao.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\tdyibrbi.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ualtdgpe.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\uhxvipte.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\ukmkeila.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\unhssdjo.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\uqfaayry.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\uqvoysev.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vhpxltqu.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vhtmidpe.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vmfowwbf.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vmxhuslp.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vpgpuccq.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wescjwer.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wuovejmc.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wxrshfik.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\xkhetpbl.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\xwahoqyd.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\xxneaaqc.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\xynvuxrw.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\xyrpxnqh.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\yaimusfm.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\yfuyoqfr.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\yqhjjeww.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\yxaeohts.dll -> Logger.VBStat.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hjiardxs.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\hsbmoduh.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\iaayoqbi.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\plongrpj.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vgvqthfp.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\voxecpwu.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vuulctvd.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\wosfhkfw.dll -> Logger.VBStat.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522212.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522240.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522247.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522255.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522265.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522277.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522281.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522295.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522316.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{DDE3EB95-4B24-44D8-AD38-1F974B96C2F0}\RP630\A0522325.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Cleaned with backup (quarantined).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •