Help Removing -- I really don't know what!

**mmish918** · 2008-11-04, 01:23

Hello everyone.

Bear with me, I'm not the most computer savvy person... layman's terms with me... and pardon if I ask a gazillion^2 questions.

Here is my HJT log.

Just recently re-registered with Norton, and I have that running, but I have windows that keep popping up telling me that my system is at risk, and something about "Anit-Malware Suite".

All your help is greatly appreciated!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:19:44 PM, on 11/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\xxx6914.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\~tmpc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Seekmo /fleok=1D8A83A5C5E1177C9AA86F2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.370.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSFox] C:\DOCUME~1\Owner\LOCALS~1\Temp\xxx6914.exe
O4 - HKUS\S-1-5-21-4261568830-1884790586-3719538300-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-4261568830-1884790586-3719538300-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-21-4261568830-1884790586-3719538300-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://las.mlxchange.com/Control/Mul...ctComboBox.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://las.mlxchange.com/Control/MLXClientUtils.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://las.mlxchange.com/3.0.09.83/Control/IRCSharc.cab
O18 - Protocol: bw+0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {31E4455A-7BED-4A22-9AAA-CD6FE7C6372B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 23540 bytes

**mmish918** · 2008-11-04, 01:38

These are screen prints of the windows that pop up.

When I right click on the window in the toolbar, it only gives me the option to move, not any of the normal stuff.

Note: A few months ago (unfortunately, while I did not have any active anti-virus software), I downloaded Frostwire. It's a filesharing program... and I think (ha ha he ha -- more like know) that might have let in some nasties.

If there is anything else that pops up that I can screen print, I'll post it so that you all can have as much info as possible.

**mmish918** · 2008-11-04, 01:38

**mmish918** · 2008-11-04, 01:44

Oh yeah, and the typical ctrl+alt+delete function, doesn't work anymore.

**katana** · 2008-11-15, 01:44

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly

I apologize for the delay in responding, but as you can probably see the forums are quite busy
and helpers look for posts with zero replies.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please post a fresh Hijack This log to this thread.
I will be notified and I will get back to you ASAP.

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe

----------------------------------------------------------------------------------------

Download and Run SD Fix

Please download SDFix( by andymanchesta ) and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

Download and Run RSIT

Please download Random's System Information Tool by random/random from here and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:
- log.txt will be opened maximized.
- info.txt will be opened minimized.
Please post the contents of both log.txt and info.txt.

**mmish918** · 2008-11-15, 21:55

SDFix: Version 1.240
Run by Owner on Sat 11/15/2008 at 12:21 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 12:43:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\City Interactive\\WWII Pacific Heroes\\pacific.exe"="C:\\Program Files\\City Interactive\\WWII Pacific Heroes\\pacific.exe:*:Enabled:pacific"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\1104964342\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1104964342\\EE\\AOLServiceHost.exe:*:Disabled:AOL"
"C:\\Program Files\\AOL\\RC\\regclient.exe"="C:\\Program Files\\AOL\\RC\\regclient.exe:*:Disabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Disabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Disabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\1170734771\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1170734771\\ee\\aolsoftware.exe:*:Disabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Disabled:AOL TopSpeed"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Disabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Disabled:AOLTsMon"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\FrostWire\\FrostWire.exe"="C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :

Files with Hidden Attributes :

Tue 14 Feb 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 1 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Fri 18 Jan 2008 400 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COH32LU.reg"
Fri 18 Jan 2008 403 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COHDLU.reg"
Tue 14 Feb 2006 4,348 A.SH. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1key.bak"
Tue 14 Feb 2006 11,116 A.SH. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv2key.bak"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:16 PM, on 11/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Seekmo /fleok=1D8A83A5C5E1177C9AA86F2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.370.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://las.mlxchange.com/Control/Mul...ctComboBox.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://las.mlxchange.com/Control/MLXClientUtils.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://las.mlxchange.com/3.0.09.83/Control/IRCSharc.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10693 bytes

**mmish918** · 2008-11-15, 21:57

Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-11-15 12:56:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 86 GB (46%) free of 186 GB
Total RAM: 894 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:07 PM, on 11/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\PalmTether\TetherApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PALMTE~1\PALMON~1.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Documents and Settings\Owner\Desktop\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Seekmo /fleok=1D8A83A5C5E1177C9AA86F2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.370.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [PalmTether] "C:\Program Files\PalmTether\TetherApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://las.mlxchange.com/Control/Mul...ctComboBox.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://las.mlxchange.com/Control/MLXClientUtils.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://las.mlxchange.com/3.0.09.83/Control/IRCSharc.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10794 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan for Owner.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll [2008-06-30 349552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-11-01 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-02-24 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07AA283A-43D7-4CBE-A064-32A21112D94D}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-02-24 2403392]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [2008-06-30 349552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2005-05-03 543232]
"readericon"=C:\Program Files\Digital Media Reader\readericon45G.exe [2005-08-27 139264]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-09-18 86016]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-14 14820864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-09-14 69632]
"MSKDetectorExe"=C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-08-12 1121792]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -startup []
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-09-18 7204864]
"SeekmoOE"=C:\Program Files\Seekmo\bin\10.0.370.0\OEAddOn.exe []
"SeekmoSA"=C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe []
"PalmTether"=C:\Program Files\PalmTether\TetherApp.exe [2006-02-09 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"osCheck"=C:\Program Files\Norton 360\osCheck.exe [2008-02-26 988512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2005-09-18 7204864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
C:\PROGRA~1\Palm\Hotsync.exe [2004-06-09 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TapiSrv"=3
"RemoteRegistry"=2
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"PrismXL"=2
"iPod Service"=3

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
WRLogonNTF.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe"="C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\City Interactive\WWII Pacific Heroes\pacific.exe"="C:\Program Files\City Interactive\WWII Pacific Heroes\pacific.exe:*:Enabled:pacific"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\1104964342\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1104964342\EE\AOLServiceHost.exe:*:Disabled:AOL"
"C:\Program Files\AOL\RC\regclient.exe"="C:\Program Files\AOL\RC\regclient.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\1170734771\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1170734771\ee\aolsoftware.exe:*:Disabled:AOL Services"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Disabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88db96a1-5f67-11d9-b266-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88db96a2-5f67-11d9-b266-806d6172696f}]
shell\PlayWithPowerDVD\command - "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l"

======List of files/folders created in the last 1 months======

2008-11-15 12:56:43 ----D---- C:\rsit
2008-11-15 12:15:28 ----D---- C:\WINDOWS\ERUNT
2008-11-15 12:13:40 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-15 12:11:24 ----D---- C:\SDFix
2008-11-13 00:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-13 00:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-13 00:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 10:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-03 22:33:44 ----D---- C:\WINDOWS\Prefetch
2008-11-03 22:31:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-03 22:31:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-03 22:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-03 22:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-03 22:30:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-03 22:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-03 22:30:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-03 22:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-03 22:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-03 22:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-03 22:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-11-03 22:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-03 22:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-03 22:29:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-03 22:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-03 22:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-03 22:22:57 ----D---- C:\WINDOWS\system32\scripting
2008-11-03 22:22:57 ----D---- C:\WINDOWS\l2schemas
2008-11-03 22:22:56 ----D---- C:\WINDOWS\system32\en
2008-11-03 22:22:55 ----D---- C:\WINDOWS\system32\bits
2008-11-03 22:20:03 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-03 22:13:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-03 21:49:40 ----D---- C:\Program Files\WhatsRunning
2008-11-03 16:45:16 ----A---- C:\WINDOWS\_delis32.ini
2008-11-02 00:29:33 ----D---- C:\WINDOWS\system32\N360_BACKUP
2008-11-01 20:20:25 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-01 19:45:20 ----D---- C:\Program Files\Windows Sidebar
2008-11-01 19:42:26 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-11-01 19:42:16 ----D---- C:\Program Files\Symantec
2008-10-23 20:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-16 21:15:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-16 21:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 21:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-16 21:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-16 21:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$

======List of files/folders modified in the last 1 months======

2008-11-15 12:56:49 ----D---- C:\WINDOWS\Temp
2008-11-15 12:56:49 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-15 12:52:46 ----D---- C:\Program Files\Mozilla Firefox
2008-11-15 12:52:19 ----D---- C:\WINDOWS\system32\Lang
2008-11-15 12:52:08 ----D---- C:\WINDOWS\Registration
2008-11-15 12:52:04 ----D---- C:\WINDOWS
2008-11-15 12:28:17 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-15 12:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-15 12:12:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-15 12:10:45 ----SHD---- C:\WINDOWS\system32
2008-11-13 00:03:30 ----HD---- C:\WINDOWS\inf
2008-11-13 00:03:28 ----D---- C:\WINDOWS\system32\drivers
2008-11-13 00:03:23 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-13 00:03:20 ----A---- C:\WINDOWS\imsins.BAK
2008-11-13 00:00:35 ----SHD---- C:\WINDOWS\Installer
2008-11-13 00:00:34 ----D---- C:\WINDOWS\WinSxS
2008-11-12 18:00:01 ----D---- C:\Program Files\Norton Security Scan
2008-11-12 10:16:28 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-11 12:24:15 ----A---- C:\WINDOWS\win.ini
2008-11-10 22:51:01 ----A---- C:\additdiag.txt
2008-11-10 18:55:12 ----D---- C:\Program Files\Palm
2008-11-10 17:29:09 ----D---- C:\WINDOWS\Downloaded Installations
2008-11-09 20:01:25 ----RSD---- C:\WINDOWS\Fonts
2008-11-08 11:05:08 ----RHD---- C:\Documents and Settings\Owner\Application Data\yahoo!
2008-11-07 10:16:15 ----D---- C:\WINDOWS\Help
2008-11-06 15:55:07 ----D---- C:\Program Files
2008-11-06 13:53:54 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-03 22:44:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-03 22:35:59 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-03 22:33:48 ----A---- C:\WINDOWS\setuplog.txt
2008-11-03 22:32:59 ----D---- C:\WINDOWS\system32\Setup
2008-11-03 22:32:59 ----D---- C:\WINDOWS\AppPatch
2008-11-03 22:32:58 ----D---- C:\WINDOWS\system32\wbem
2008-11-03 22:32:00 ----D---- C:\WINDOWS\security
2008-11-03 22:29:25 ----D---- C:\Program Files\Messenger
2008-11-03 22:27:28 ----RSD---- C:\WINDOWS\assembly
2008-11-03 22:23:15 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-03 22:23:15 ----D---- C:\WINDOWS\network diagnostic
2008-11-03 22:23:14 ----D---- C:\WINDOWS\ime
2008-11-03 22:22:58 ----D---- C:\WINDOWS\system32\usmt
2008-11-03 22:22:58 ----D---- C:\WINDOWS\system32\en-US
2008-11-03 22:22:55 ----D---- C:\WINDOWS\PeerNet
2008-11-03 22:22:55 ----D---- C:\Program Files\Movie Maker
2008-11-03 22:19:52 ----D---- C:\WINDOWS\system32\Restore
2008-11-03 22:19:51 ----D---- C:\WINDOWS\system32\npp
2008-11-03 22:19:51 ----D---- C:\WINDOWS\mui
2008-11-03 22:19:50 ----D---- C:\WINDOWS\msagent
2008-11-03 22:19:48 ----D---- C:\WINDOWS\srchasst
2008-11-03 22:19:48 ----D---- C:\Program Files\NetMeeting
2008-11-03 22:19:46 ----D---- C:\WINDOWS\system32\Com
2008-11-03 22:19:44 ----D---- C:\Program Files\Windows NT
2008-11-03 22:19:44 ----D---- C:\Program Files\Outlook Express
2008-11-03 22:19:41 ----D---- C:\Program Files\Common Files\System
2008-11-03 22:19:27 ----D---- C:\WINDOWS\system32\oobe
2008-11-03 22:19:25 ----D---- C:\WINDOWS\system
2008-11-03 22:16:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-03 22:13:21 ----D---- C:\WINDOWS\ehome
2008-11-03 16:48:43 ----D---- C:\Program Files\Norton 360
2008-11-03 16:46:41 ----D---- C:\Program Files\Common Files\Logitech
2008-11-03 16:46:20 ----D---- C:\WINDOWS\twain_32
2008-11-03 16:42:47 ----D---- C:\Program Files\Logitech
2008-11-03 16:42:46 ----D---- C:\Program Files\Common Files
2008-11-03 16:42:00 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-03 16:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-02 00:23:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-11-02 00:07:20 ----D---- C:\Program Files\Bonjour
2008-11-02 00:06:25 ----D---- C:\Program Files\Yahoo!
2008-11-01 20:20:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-01 19:49:00 ----D---- C:\Documents and Settings\Owner\Application Data\Symantec
2008-11-01 19:23:32 ----D---- C:\CamQuest6
2008-11-01 19:17:47 ----SD---- C:\WINDOWS\Tasks
2008-10-30 20:11:50 ----D---- C:\Documents and Settings\Owner\Application Data\Move Networks
2008-10-23 20:59:20 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-16 21:20:42 ----D---- C:\Program Files\Internet Explorer
2008-10-16 21:13:24 ----A---- C:\WINDOWS\system32\MRT.INI
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-14 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-14 2560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-01-31 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-06-13 184240]
R2 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\drivers\CO_Mon.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-06-17 220032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-14 3856896]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081115.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081115.003\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-09-18 3493984]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 palmmdm;Palm Modem; C:\WINDOWS\system32\DRIVERS\palmmdm.sys [2006-01-30 9728]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-01-31 279088]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-06-13 13616]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-06-13 96432]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-06-13 38576]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20081114.001\SymIDSCo.sys []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-06-13 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 42752]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mxnic;Macronix MX987xx Family Fast Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-17 19968]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2008-11-10 16694]
S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-12-10 236121]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
S3 slabbus;SPX/Actron USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys [2007-11-28 55312]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-01-31 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE CDMA Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2006-06-20 21312]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2006-06-20 38144]
S3 USBModem;LGE CDMA USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2006-06-20 39248]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-21 238968]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-18 131139]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-07-15 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 55640]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-02 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-24 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-11-01 1245064]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2005-01-05 172032]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.04 2008-11-15 12:57:09

======Uninstall list======

-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AChartProDemo-->C:\WINDOWS\UNWISE.EXE C:\WINDOWS\INSTALL.LOG
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop 6.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Premiere Pro-->RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{084709F7-38C5-4609-B55F-2417939315EB}\setup.exe"
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Backup-->MsiExec.exe /I{24DF7221-644B-4C3A-A478-459502D40522}
ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
Data Access Objects (DAO) 3.5-->C:\Program Files\Common Files\Microsoft Shared\DAO\Remove.EXE C:\WINDOWS\UNINST.EXE -fC:\PROGRA~1\COMMON~1\MICROS~1\DAO\DeIsL1.isu
DIG Game Manager-->C:\PROGRA~1\Disney\DISNEY~1\DIGGAM~1\UNWISE.EXE C:\PROGRA~1\Disney\DISNEY~1\DIGGAM~1\INSTALL.LOG
Digital Media Converter 2.78-->"C:\Program Files\Deskshare\Digital Media Converter\unins000.exe"
Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875} /l1033
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dynex mini card reader -->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{F1B993AF-70F6-432F-9FA2-59E4DFB9CCE6} /l1033
Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
FormViewer-->C:\Program Files\InstallShield Installation Information\{58E6A969-8215-4ABC-BD73-FCB25EA6F544}\setup.exe -runfromtemp -l0x0409
free2Design-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{241C687F-C072-4FFB-81E2-EB8809109AD0}\Setup.exe" -l0x9
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GT Legends Demo-->"C:\GTLDemo\Support\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Owner\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Ideal 6.0 Presentation-->MsiExec.exe /I{DB9978FF-4AB6-45C9-9205-BCB6E11FFB2F}
iPod for Windows 2006-03-23-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C}
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Digital Image Starter Edition 2006-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel 2007 Step by Step-->MsiExec.exe /X{63851070-BBBD-488F-A619-AEC09359411E}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft PowerPoint Viewer 97-->C:\Program Files\PowerPoint Viewer\setup\setup.exe
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MS XML parser 4.0 sp2-->C:\WINDOWS\system32\unins000.exe
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Keyboard Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}\Setup.exe" -l0x9
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton 360 (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_2_0_2\Setup.exe" /X
Norton 360 HTMLHelp-->MsiExec.exe /I{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\NSSSetup\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{3FADAA19-E595-44CA-A072-58B6B0851768}
Norton Spyware Scan provided by Yahoo!-->C:\PROGRA~1\Yahoo!\Common\unynss.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
OverDrive Media Console-->MsiExec.exe /I{59FD743D-A699-449E-8197-BD2899DAD69A}
Palm-->MsiExec.exe /X{A005B38F-D5AB-4E35-93DD-9886E449FAF1}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Real Estate Exam Prep-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3E9E122-C01E-407D-93EE-B49144007A9E}\setup.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
SCANMATE-->MsiExec.exe /X{948B4DC1-FB92-4AF4-A838-74134FBC203D}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Smart Audio Converter-->"C:\Program Files\SmartAudioConverter\unins000.exe"
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IURSLST5K.inf
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Sprint Mobile Broadband-->MsiExec.exe /I{93356AC9-C222-4547-B743-FF1903ACCE04}
SPX/Actron USB to UART Cable Bridge Controller -->C:\WINDOWS\system32\spxunin2k.exe C:\WINDOWS\system32\spxunin.u2k
Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
Symantec Technical Support Controls-->MsiExec.exe /I{45690715-80A6-4445-B61D-ADEC5888E8CD}
Update for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
What's Running 2.2-->"C:\Program Files\WhatsRunning\unins000.exe"
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: Norton 360
FW: Norton 360

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=2f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

**katana** · 2008-11-15, 22:08

Step 1

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
- Update Malwarebytes' Anti-Malware
- and Launch Malwarebytes' Anti-Malware
then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidently close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

----------------------------------------------------------- -----------------------------------------------------------
Step 2

Remove Programs

Older versions of some programs have vulnerabilities that malware can use to infect your system.

Now click Start---Control Panel. Double click Add or Remove Programs (XP) / Programs and Features (Vista) . If any of the following programs are listed there,
click on the program to highlight it, and click on remove.

J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 3
Java(TM) 6 Update 5

Now close the Control Panel.

----------------------------------------------------------- -----------------------------------------------------------
Step 3

Logs/Information to Post in Reply
Please post the following logs/Information in your reply

MalwareBytes Log
How are things running now ?

----------------------------------------------------------- -----------------------------------------------------------

Additional Notes

Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 2.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended

There is a newer version of Adobe Acrobat Reader available.

Please go to this link Adobe Acrobat Reader Download Link
Click Download
On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
Click the Continue button
Click Run, and click Run again
Next click the Install Now button and follow the on screen prompts

When the installation is complete go to Add/Remove Programs and uninstall all previous versions.

**mmish918** · 2008-11-16, 08:37

Malwarebytes' Anti-Malware 1.30
Database version: 1400
Windows 5.1.2600 Service Pack 3

11/15/2008 6:07:46 PM
mbam-log-2008-11-15 (18-07-46).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 182374
Time elapsed: 1 hour(s), 36 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 70
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 21
Files Infected: 511

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bd5258af-20ae-4bd3-b748-b2851aca7335} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{995e885e-3ff5-4f66-a107-8bfb3a0f8f12} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{fbb40fdf-b715-4342-ab82-244ecc66e979} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{4a40e8fc-c7e4-4f57-9fa4-85dd77402897} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343ce214-9998-4b21-a151-ffe970167297} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Owner\Application Data\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\IESkins (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOI (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOI\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOI\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOL (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOL\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\HostOL\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\ustat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

Files Infected:
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0498184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0498185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0498186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0499183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0499184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP922\A0499185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0501185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0500184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0500185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0500186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0501183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0501184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0502184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0502185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP925\A0502186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0503184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0503185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0503186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0504184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0504185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP926\A0504186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0506185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0505184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0505185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0505186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0506183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP927\A0506184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0507184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0507185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0507186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0508184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0508185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP928\A0508186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0510183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0509183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0509184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0509185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0510184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0510185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0511184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0511185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0511186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0512184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0512185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP929\A0512186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP930\A0513186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP930\A0513185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP930\A0513187.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0513204.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0513205.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0513206.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0514205.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0514206.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP931\A0514207.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0516205.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0515205.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0515206.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0515207.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0516206.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0516207.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0517207.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0517208.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP932\A0517209.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP933\A0517326.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP933\A0517327.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP933\A0517328.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP933\A0517331.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0518306.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0518307.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0518308.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0519306.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0519307.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP934\A0519308.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522306.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0523328.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0520306.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0520307.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0520308.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0521306.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0521307.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0521308.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522307.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522308.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522317.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522318.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522319.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522327.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522328.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0522329.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0523329.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP935\A0523330.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0524328.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0524329.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0524330.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525328.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525330.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525329.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525535.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525536.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP936\A0525537.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0526535.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0526536.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0526537.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527535.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527536.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527537.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527546.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527547.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527548.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527560.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527561.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP937\A0527562.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0529560.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0528560.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0528561.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0528562.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0529561.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP938\A0529562.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP939\A0530560.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP939\A0530561.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP939\A0530562.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0530583.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0530581.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0530582.exe (Worm.Fontra) -> Quarantined and deleted successfully.

To be continued...

**mmish918** · 2008-11-16, 08:38

C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0531578.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0531579.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0531580.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0532578.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0532579.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0532580.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0533578.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0533579.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP940\A0533580.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP941\A0534578.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP941\A0534579.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP941\A0534580.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0536598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0535598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0535599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0535600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0536599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP943\A0536600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP944\A0537598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP944\A0537599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP944\A0537600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0538598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0538599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0538600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0539598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0539599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP945\A0539600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0540598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0540599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0540600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541598.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541609.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541610.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0541611.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0542609.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0542610.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0542611.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0542807.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543605.dll (Adware.Rotator) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543614.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543615.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543616.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543619.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP946\A0543620.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP948\A0545804.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545845.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545847.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545852.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545853.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545854.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP949\A0545909.dll (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP950\A0546135.exe (Worm.Alcra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP950\A0546136.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0445495.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0445496.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0445497.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0447502.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0447503.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP868\A0447504.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP869\A0448494.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP869\A0448495.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP869\A0448496.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0449495.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0449496.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0449497.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0450494.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0450496.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP870\A0450497.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP872\A0450509.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP872\A0450510.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP872\A0450511.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP873\A0450522.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP873\A0450523.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP873\A0450524.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0450552.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0450553.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0450554.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0451551.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0451553.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP874\A0451554.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP875\A0452552.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP875\A0452553.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP875\A0452554.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP876\A0453552.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP876\A0453553.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP876\A0453554.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP902\A0470927.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP902\A0470928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP902\A0470929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP903\A0471928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP903\A0471929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP903\A0471930.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0472928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0472929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0472930.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0473927.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0473928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0473929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0474928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0474929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP904\A0474930.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0475928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0475929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0475930.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0476928.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0476929.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP905\A0476930.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP907\A0477024.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP907\A0477025.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP907\A0477026.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP909\A0477050.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP909\A0477051.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP909\A0477052.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0477061.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0477062.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0477063.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0478061.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0478062.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0478063.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0479061.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0479062.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP910\A0479063.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP911\A0480061.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP911\A0480062.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP911\A0480063.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0480133.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0480134.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0480135.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0481123.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0481124.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP912\A0481125.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481138.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481139.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481140.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481161.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481162.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0481163.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0482161.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0482162.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP913\A0482163.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483162.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483163.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483164.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0483174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0484173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0484174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP914\A0484175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0485173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0485174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0485175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0486173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0486174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP915\A0486175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP916\A0487172.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP916\A0487173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP916\A0487174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0488172.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0488173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0488175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0489173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0489174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP917\A0489175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP918\A0490173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP918\A0490174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP918\A0490175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0491173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0491174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0491175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0492173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0492174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0492175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0493173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0493174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP919\A0493175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0495175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496183.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0494172.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0494173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0494174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0495173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0495174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496173.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496174.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496175.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP920\A0496185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP879\A0453627.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP879\A0453628.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP879\A0453629.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0469913.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0469914.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0469915.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0469921.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0470914.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0470915.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP900\A0470916.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP921\A0497184.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP921\A0497185.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP921\A0497186.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP942\A0535578.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP942\A0535579.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP942\A0535580.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP880\A0453666.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP880\A0453667.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP880\A0453668.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP882\A0453827.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP882\A0453828.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP882\A0453829.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP884\A0454202.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP884\A0454203.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP884\A0454204.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454258.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454259.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454260.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454421.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454422.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP885\A0454423.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP886\A0454586.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP886\A0454587.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP886\A0454588.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP887\A0454600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP887\A0454601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP887\A0454602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP888\A0455599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP888\A0455601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP888\A0455602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP889\A0456600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP889\A0456601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP889\A0456602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0457600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0457601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0457602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0458600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0458601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0458602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0459599.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0459600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP890\A0459601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP891\A0460600.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP891\A0460601.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP891\A0460602.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460767.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460765.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460766.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460776.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460777.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460778.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460793.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460794.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP892\A0460795.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0461824.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460805.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460806.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460807.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460823.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460824.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0460825.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0461823.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP893\A0461825.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0461834.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0461835.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0461836.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0462834.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0462835.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0462836.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463834.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463835.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463836.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463848.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463849.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463850.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463861.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463862.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0463863.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0464860.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0464861.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP894\A0464862.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0465861.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0465862.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0465863.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0466861.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0466862.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP895\A0466863.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP896\A0466894.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP896\A0466895.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP896\A0466896.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP897\A0467895.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP897\A0467896.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP897\A0467897.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP898\A0468894.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP898\A0468895.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP898\A0468896.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP899\A0469895.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP899\A0469896.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP899\A0469897.exe (Worm.Fontra) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\625696.sdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\domains.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\15039 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\25469 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\281075 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\35047 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\4382 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML\64517 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_categorize.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_comparison.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-people.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_favorites.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Games.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hide.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hotmail.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_hsskin.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_new.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_premium.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchfor.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchgo.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_weather.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_yellowpages.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Top7_theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEULA.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Reset Cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Seekmo Customer Support Center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo\Seekmo Uninstall Instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.

The start-up process seems to be running tons faster. No more pop-ups, etc. Seems to be back to normal. Any idea where all this came from, and how to avoid it happening again?

How frequently should I run this MalwareBytes scan?

Thread: Help Removing -- I really don't know what!

Thread Tools

Display

Help Removing -- I really don't know what!

Posting Permissions