HELP!! Severe Problems with Pop Ups & freezing
Please help, My PC has slowed to a crawl and is nearly unusable. the sypmtoms I am facing are:
- Powered by Zedo Pop Ups along with many other pop ups
- A Server Busy prompt that pops up when I try to access web pages that says "this action cannot be completed, perhaps the other program is busy. Choose 'Switch to' to activate the busy program & correct the problem" it then gives a "switch to" button and a "retry" button
- inernet script error prompt that reads "an error has occured in the script on this page" error: no such interface supported, local settings\temp\NDr9.Tmp.html
- total system freeze
------------
HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\DOCUME~1\ROBERT\MYDOCU~1\FNTS~1\alg.exe
C:\Program Files\??sembly\??rvices.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Iinl] "C:\DOCUME~1\ROBERT\MYDOCU~1\FNTS~1\alg.exe" -vt yazb
O4 - HKCU\..\Run: [Ztt] "C:\Program Files\??sembly\??rvices.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O21 - SSODL: OleExport - {C777CF73-124F-3562-44AC-E685D962C63C} - C:\WINDOWS\Media\CertMgr.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
End of file - 10259 bytes
---------------------------
KASPERSKY ONLINE SCANNER REPORT:
-------------------------
Saturday, October 06, 2007 8:52:32 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 6/10/2007
Kaspersky Anti-Virus database records: 428195
----------------------------------------------------------------
NOTE: O.L.& S. stands for "Object is locked skipped"
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer: C
Scan Statistics:
Total number of scanned objects: 207886
Number of viruses found: 6
Number of infected objects: 13
Number of suspicious objects: 2
Duration of the scan process: 03:04:20
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log O.L.& S.
C:\Documents and Settings\All Users\Application
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip/v1.8.5/wbuninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\LocalService\Cookies\index.dat O.L.& S.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat O.L.& S.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG O.L.& S.
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat O.L.& S.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat O.L.& S.
C:\Documents and Settings\LocalService\NTUSER.DAT O.L.& S.
C:\Documents and Settings\LocalService\ntuser.dat.LOG O.L.& S.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat O.L.& S.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG O.L.& S.
C:\Documents and Settings\NetworkService\NTUSER.DAT O.L.& S.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG O.L.& S.
C:\Documents and Settings\ROBERT\Cookies\index.dat O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\ROBERT\Local Settings\History\History.IE5\MSHist012007100620071007\index.dat O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Temp\FFSAR12FG.tmp O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Temp\MKJ42FG.tmp O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Temp\Perflib_Perfdata_710.dat O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Temp\~DF78CC.tmp O.L.& S.
C:\Documents and Settings\ROBERT\Local Settings\Temporary Internet Files\Content.IE5\index.dat O.L.& S.
C:\Documents and Settings\ROBERT\ntuser.dat O.L.& S.
C:\Documents and Settings\ROBERT\ntuser.dat.LOG O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\config\configuration\org.eclipse.core.runtime\.manager\.tmp28191.instance O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ibdata1 O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile0 O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile1 O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhasset.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetcacheitem.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetversioncacheitem.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabel.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabeltoversion.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhmessage.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpqentry.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishlog.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishserver.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishstateitem.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhresult.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreview.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreviewcomment.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhrole.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhschemaversion.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsequence.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhserverglobals.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettings.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettingssection.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhthumbnail.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuser.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuserrole.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpmetadata.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpproperty.ibd O.L.& S.
C:\Program Files\Adobe\Adobe Version Cue CS2\logs\VersionCue.log O.L.& S.
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\MailBuddy.log Object is locked skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023122.exe/file004 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023122.exe Inno: infected - 1 skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023124.exe/stream/data0002 Infected: not-a-virus:Downloader.Win32.Agent.q skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023124.exe/stream Infected: not-a-virus:Downloader.Win32.Agent.q skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023124.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023125.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023125.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023126.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023126.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP46\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log O.L.& S.
C:\WINDOWS\Debug\PASSWD.LOG O.L.& S.
C:\WINDOWS\Internet Logs\fwdbglog.txt O.L.& S.
C:\WINDOWS\Internet Logs\fwpktlog.txt O.L.& S.
C:\WINDOWS\Internet Logs\IAMDB.RDB O.L.& S.
C:\WINDOWS\Internet Logs\PANIC.ldb O.L.& S.
C:\WINDOWS\Internet Logs\tvDebug.log O.L.& S.
C:\WINDOWS\SchedLgU.Txt O.L.& S.
C:\WINDOWS\system32\config\AppEvent.Evt O.L.& S.
C:\WINDOWS\system32\config\default O.L.& S.
C:\WINDOWS\system32\config\default.LOG O.L.& S.
C:\WINDOWS\system32\config\SAM O.L.& S.
C:\WINDOWS\system32\config\SAM.LOG O.L.& S.
C:\WINDOWS\system32\config\SecEvent.Evt O.L.& S.
C:\WINDOWS\system32\config\SECURITY O.L.& S.
C:\WINDOWS\system32\config\SECURITY.LOG O.L.& S.
C:\WINDOWS\system32\config\software O.L.& S.
C:\WINDOWS\system32\config\software.LOG O.L.& S.
C:\WINDOWS\system32\config\SysEvent.Evt O.L.& S.
C:\WINDOWS\system32\config\system O.L.& S.
C:\WINDOWS\system32\config\system.LOG O.L.& S.
C:\WINDOWS\system32\drivers\fidbox.dat O.L.& S.
C:\WINDOWS\system32\drivers\fidbox.idx O.L.& S.
C:\WINDOWS\system32\drivers\fidbox2.dat O.L.& S.
C:\WINDOWS\system32\drivers\fidbox2.idx O.L.& S.
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR O.L.& S.
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA O.L.& S.
C:\WINDOWS\Temp\hsperfdata_SYSTEM\1612 O.L.& S.
C:\WINDOWS\Temp\hsperfdata_SYSTEM\300 O.L.& S.
C:\WINDOWS\Temp\ib50 O.L.& S.
C:\WINDOWS\Temp\ib51 O.L.& S.
C:\WINDOWS\Temp\ib52 O.L.& S.
C:\WINDOWS\Temp\ZLT029bf.TMP O.L.& S.
C:\WINDOWS\Temp\ZLT029c6.TMP O.L.& S.
C:\WINDOWS\tsitra1000106.exe Infected: Trojan-Downloader.Win32.Agent.duy skipped
C:\WINDOWS\tsitra77.exe Infected: Trojan-Downloader.Win32.Agent.duy skipped
E:\System Volume Information\MountPointManagerRemoteDatabase O.L.& S.
E:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023121.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
E:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP45\A0023121.exe Vise: infected - 1 skipped
Scan process completed.
Originally Posted by __RiP_ChAiN_
